Procedural Manual for the Election Assistance Commission's Voting System Test Laboratory Program, 50140-50172 [E8-19064]

Download as PDF 50140 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices Information Collection Activity; Proposed Information Collection; Comment Request U.S. Election Assistance Commission (EAC). ACTION: Notice and request for comments. Program Manual, please contact Ms. Laiza N. Otero at (202) 566–2209 or via e-mail at lotero@eac.gov. You may also view the proposed collection instrument by visiting the EAC’s Web site at https:// www.eac.gov. SUPPLEMENTARY INFORMATION: ELECTION ASSISTANCE COMMISSION AGENCY: SUMMARY: The U.S. Election Assistance Commission has submitted the following information collection request (Voting System Test Laboratory Accreditation Program Manual) to the Office of Management and Budget (OMB) for review and clearance in accordance with the Paperwork Reduction Act of 1995. The information collection was previously published in the Federal Register on February 2, 2008, at 73 FR 6494. The notice allowed for a 60-day public comment period. No comments were received on this information collection; however, modifications were made to improve and clarify the information collection based on comments submitted to a request for substantive comments (73 FR 6495) and internal review of the document. The purpose of this notice is to allow an additional 30 days for public comments. Comments are encouraged and will be accepted until September 24, 2008. This process is conducted in accordance with 5 CFR 1320.10. Comments are invited on: (a) Whether the proposed collection of information is necessary for the proper performance of the functions of the agency, including whether the information shall have practical utility; (b) the accuracy of the agency’s estimate of the burden of the proposed information collection; (c) ways to enhance the quality, utility, and clarity of the information to be collected; and (d) ways to minimize the burden of the information collection on respondents, including through the use of automated collection techniques or other forms of information technology. DATES: Written comments must be submitted on or before September 24, 2008. Written comments and recommendations on the proposed information collection must be sent to: OMB Reviewer: Alexander T. Hunt, Office of Management and Budget, Room 10235, New Executive Office Building, Washington, DC 20503, (202) 395–7316. FOR FURTHER INFORMATION CONTACT: To request more information on this proposed information collection or to obtain a copy of the EAC’s Voting System Test Laboratory Accreditation jlentini on PROD1PC65 with NOTICES2 ADDRESSES: VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 Title: Voting System Test Laboratory Accreditation Program Manual. OMB Number: Pending. Type of Review: Regular submission. Needs and Uses: Section 231(b) of the Help America Vote Act (HAVA) of 2002 (42 U.S.C. § 15371(b)) requires that the EAC provide for the accreditation and revocation of accreditation of independent, non-federal laboratories qualified to test voting systems to Federal standards. Generally, the EAC considers for accreditation those laboratories evaluated and recommended by the National Institute of Standards and Technology (NIST) pursuant to HAVA Section 231(b)(1). However, consistent with HAVA Section 231(b)(2)(B), the Commission may also vote to accredit laboratories outside of those recommended by NIST upon publication of an explanation of the reason for any such accreditation. In order to meet its statutory requirements under HAVA § 15371(b), the EAC has developed the EAC’s Voting System Test Laboratory Accreditation Program. The procedural requirements of the program are established in the proposed information collection, the EAC Voting System Test Laboratory Accreditation Program Manual. Although participation in the program is voluntary, adherence to the program’s procedural requirements is mandatory for participants. The procedural requirements of this Manual will supersede any prior laboratory accreditation requirements issued by the EAC. This manual shall be read in conjunction with the EAC’s Voting System Testing and Certification Program Manual (OMB 3265–0004). Affected Public: Voting system test laboratories. Estimated Number of Respondents: 8. Total Annual Responses: 8. Estimated Total Annual Burden Hours: 200 hours. Thomas R. Wilkey, Executive Director, U.S. Election Assistance Commission. [FR Doc. E8–19066 Filed 8–22–08; 8:45 am] BILLING CODE 6820–KF–P PO 00000 Frm 00002 Fmt 4701 Sfmt 4703 ELECTION ASSISTANCE COMMISSION Procedural Manual for the Election Assistance Commission’s Voting System Test Laboratory Program United States Election Assistance Commission (EAC). ACTION: Notice; Publication of Voting System Test Laboratory Program Manual. AGENCY: SUMMARY: The U.S. Election Assistance Commission (EAC) is publishing a procedural manual for its Voting System Test Laboratory Program. This program sets the administrative procedures for laboratories to obtain and maintain accreditation to test voting systems under the EAC’s Voluntary Testing and Certification Program. The program is mandated by the Help America Vote Act (HAVA) at 42 U.S.C. 15371. FOR FURTHER INFORMATION CONTACT: Brian Hancock, Director, Voting System Certification, Washington, DC, (202) 566–3100, Fax: (202) 566–1392. SUPPLEMENTARY INFORMATION: Background HAVA requires that the EAC certify and decertify voting systems through testing conducted by accredited laboratories. Section 231(a)(1) of HAVA (42 U.S.C. 15371) specifically requires the EAC to ‘‘* * * provide for the testing, certification, decertification and recertification of voting system hardware and software by accredited laboratories.’’ To meet this obligation, the EAC has created a voluntary program to test voting systems to Federal voting system standards by accredited laboratories. The Voting System Test Laboratory Program Manual sets the procedures for the test laboratories to follow in order to receive and maintain accreditation as well as procedures for the documentation and publication of testing information. In creating the Laboratory Manual the EAC sought input from experts and stakeholders. Specifically, the EAC conducted meetings with representatives from the voting system test laboratories and from the voting system manufacturing community. Additionally, the EAC sought input from the public. A draft version of the EAC Voting System Test Laboratory Program Manual was published with a request for public comment on February 4, 2008. (73 FR 6495). The public comment period was open until 5 p.m. EST on April 4, 2008. While previous notice and public comment period were not required by law, all comments received were considered in the drafting of this final administrative manual. E:\FR\FM\25AUN2.SGM 25AUN2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices Discussion of Comments jlentini on PROD1PC65 with NOTICES2 The EAC received thirty-eight comments from the public. The majority of these comments came from voting system test laboratories, with the remainder coming from the general public. The majority of comments received by the Commission raised concerns or questioned the meaning or application of various provisions of the manual. Another block of comments were less specific and focused on the fundamental purpose behind the program or its basic methodology. Comments in this category included concerns regarding the level of allowable participation by manufacturers in the testing process and the responsibilities of Voting System Test Laboratories regarding third party testing. Finally, there were a range of specific recommendations on a wide variety of topics. Examples include: (1) Changing the scope of core and non-core VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 testing; (2) clarifying who is responsible for the validation of test methods; (3) allowing hardware mitigation by the manufacturer; (4) clarifying the scope of the use of prior testing in a testing campaign; (5) clarifying the restriction on testing at manufacturer owned or controlled facilities and the allowance of such activity in conjunction with the witness or trusted build; and (6) placing the responsibility for the proper identification of proprietary information on the manufacturer and not on the testing laboratory. The EAC reviewed and considered each of the comments presented. In doing so, it also gathered additional information and performed research regarding the suggestions. The EAC’s commitment to public participation is evident in the final version of the Laboratory Manual. The Manual has been enhanced in a number of areas in response to public comment. A total of about five pages have been added to the PO 00000 Frm 00003 Fmt 4701 Sfmt 4703 50141 Manual. Throughout the entire Manual the EAC added or amended language to clarify its procedures consistent with the comments it received. For example, to further clarify terminology used throughout the Manual eight terms were newly defined or significantly clarified in the definition section of Chapter 1. Additionally, the EAC made changes to clarify the independent role of Voting System Test Labs in the program, enhance the supervision requirements of EAC accredited laboratories over third party contracted laboratories, and further defined the level of detail required by the EAC on test plans, test cases, and test reports. Finally, the EAC clarified financial stability documentation requirements for laboratories seeking accreditation. Thomas R. Wilkey, Executive Director, U.S. Election Assistance Commission. BILLING CODE 6820–KF–P E:\FR\FM\25AUN2.SGM 25AUN2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices BILLING CODE 6820–KF–C VerDate Aug<31>2005 17:16 Aug 22, 2008 Jkt 214001 PO 00000 Frm 00004 Fmt 4701 Sfmt 4703 E:\FR\FM\25AUN2.SGM 25AUN2 EN25AU08.005</GPH> jlentini on PROD1PC65 with NOTICES2 50142 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices jlentini on PROD1PC65 with NOTICES2 Paperwork Reduction Act The reporting requirements in this manual are pending approval under the Paperwork Reduction Act of 1995, by the Office of Management and Budget Control (OMB). Persons are not required to respond to this collection of information unless it displays a currently valid OMB number. Information gathered pursuant to this document and its forms will be used solely to administer the EAC Testing & Certification and Laboratory Accreditation Program. This program is voluntary. Individuals who wish to participate in the program, however, must meet its requirements. The estimated total annual hourly burden on the voting system manufacturing industry and election officials is 200 hours. This estimate includes the time required for reviewing the instructions, gathering information, and completing the prescribed forms. Send comments regarding this burden estimate or any other aspect of this collection, including suggestions for reducing this burden to the U.S. Election Assistance Commission, Voting System Testing and Certification Program, Office of the Program Director, 1225 New York Avenue, NW., Suite 1100, Washington, DC 20005. 1. Introduction 1.1. Background 1.2. Authority 1.3. Role of the National Institute of Standards and Technology 1.4. Scope 1.7. Program Personnel 1.8. Submission of Documents 1.9. Receipt of Documents—VSTL 1.10. Receipt of Documents—EAC 1.11. Record Retention—EAC 1.12. Publication and Release of Documents 1.13. References 1.14. Definitions 1.15. Acronyms and Abbreviations 2. Program Requirements 2.1. Overview 2.2. Program Requirements—Generally 2.3. NIST Recommendation 2.4. NVLAP Accreditation 2.5. Conflict of Interest and Prohibited Practices Program 2.6. Personnel Policies 2.7. Notification of Changes 2.8. Site Visits 2.9. Notice of Lawsuits 2.10. Testing, Technical Practices and Reporting 2.11. Laboratory Independence 2.12. Authority To Do Business in the United States 2.13. Communications 2.14. Resources and Financial Stability 2.15. Recordkeeping 3. Accreditation Process 3.1. Overview 3.2. NIST Recommendation 3.3. EAC Invitation 3.4. Application VerDate Aug<31>2005 17:16 Aug 22, 2008 Jkt 214001 3.5. EAC Review of Application Package 3.6. Grant of Accreditation 3.7. Effect of Accreditation 3.8. Expiration and Renewal of Accreditation 3.9. Denial of Accreditation 3.10. Requesting Appeal 3.11. EAC Action on a Request for Appeal 3.12. Submission of Appeal 3.13. Consideration of Appeal 3.14. Commissioner’s Decision on Appeal 3.15. Effect of Denial of Accreditation 4. Compliance Management Program 4.1. Purpose 4.2. Compliance Management Program, Generally 4.3. VSTL Notification of Changes 4.4. Request for Documents and Information 4.5. On Site Laboratory Review—Generally 4.6. On Site Laboratory Review—Frequency 4.7. On Site Laboratory Review—Procedure 4.8. EAC Compliance Management Reports 4.9. Corrective Action 5. Revocation of Accreditation 5.1. Overview 5.2. Revocation Policy 5.3. Revocation—Generally 5.4. Notice of Intent to Suspend 5.5. Suspension of Accreditation 5.6. Commissioners’ Decision on Revocation of Accreditation 5.7. Effect of Revocation of Accreditation 5.8. Requesting Appeal 5.9. EAC Action on a Request for Appeal 5.10. Submission of Appeal 5.11. Consideration of Appeal 5.12. Commissioner’s Decision on Appeal 6. Requests for Interpretations 6.1. Overview 6.2. Policy 6.3. Requirements for Submitting a Request for Interpretation 6.4. Procedure for Submitting a Request for Interpretation 6.5. EAC Action on a Request for Interpretation 6.6. Effect of Interpretation 6.7. Library of Interpretations 7. Release of Laboratory Accreditation Program Information 7.1. Overview 7.2. EAC Policy on the Release of Certification Program Information 7.3. Trade Secrets 7.4. Privileged or Confidential Commercial Information 7.5. EAC’s Responsibilities 7.6. VSTL’s Responsibilities 7.7. Personal Information Appendix A. Certification Test Plan Format and Content Appendix B. Certification Test Report Format and Content Appendix C. Certification of Laboratory Conditions and Practices Form Appendix D. Specification for Reproduction and Use of the EAC Laboratory Accreditation Logo 1. Introduction 1.1. Background. The Federal Election Commission (FEC) adopted the first formal set of voluntary Federal standards for computer-based voting PO 00000 Frm 00005 Fmt 4701 Sfmt 4703 50143 systems in January 1990. At that time, no national program or organization existed to test and certify such systems to the standards. The National Association of State Election Directors (NASED) stepped up to fill this void in 1994. NASED is an independent, nongovernmental organization of State election officials. The organization formed the nation’s first national program to test and qualify voting systems to the new Federal standards. This program utilized independent laboratories to test voting system to voluntary Federal standards. To facilitate this process NASED accredited these test laboratories, which it referred to as Independent Test Authorities (ITA). In late 2002, Congress passed the Help America Vote Act of 2002 (HAVA). HAVA created the U.S. Election Assistance Commission (EAC) and assigned to the EAC the responsibility for both setting voting system standards and providing for the voluntary testing and certification of voting systems. This mandate represented the first time the Federal government provided for the voluntary testing, certification, and decertification of voting systems nationwide. In response to this HAVA requirement, the EAC has developed the voting system standards in the form of the Voluntary Voting System Guidelines (VVSG), a voting system certification program in the form of the Voting System Testing and Certification Program Manual and this document, the Voting System Test Laboratory Manual. 1.2. Authority. HAVA Section 231(b) (42 U.S.C. § 15371(b)) requires that the EAC provide for the accreditation and revocation of accreditation of independent, non-federal laboratories qualified to test voting systems to Federal standards. Generally, the EAC considers for accreditation those laboratories evaluated and recommend by the National Institute of Standards and Technology (NIST) pursuant to HAVA Section 231(b)(1). However, consistent with HAVA Section 231(b)(2)(B), the Commission may also vote to accredit laboratories outside of those recommended by NIST upon publication of an explanation of the reason for any such accreditation. 1.3. Role of the National Institute of Standards and Technology. Section 231(b) (1) of HAVA requires that the National Institute of Standards and Technology ‘‘conduct an evaluation of independent, non-federal laboratories and shall submit to the Commission a list of those laboratories * * * to be accredited. * * *’’ Additionally, HAVA Section 231(c) requires NIST to monitor E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 50144 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices and review the performance of EAC accredited laboratories. NIST has chosen its National Voluntary Laboratory Accreditation Program (NVLAP) to carry out these duties. NVLAP conducts a review of applicant laboratories in order to provide a measure of confidence that such laboratories are capable of performing testing of voting systems to Federal standards. Additionally, the NVLAP program monitors laboratories by requiring regular assessments. Laboratories are reviewed one year after their initial accreditation and biennially thereafter. The EAC has made NVLAP accreditation a requirement of its Laboratory Accreditation Program. However, a NVLAP accreditation is not an EAC accreditation. EAC is the sole Federal authority for the accreditation and revocation of accreditation of Voting System Test Laboratories (VSTL). 1.4. Scope. This Manual provides the procedural requirements of the EAC voting system Laboratory Accreditation Program. Although participation in the program is voluntary, adherence to the program’s procedural requirements is mandatory for participants. The procedural requirements of this Manual supersede any prior laboratory accreditation requirements issued by the EAC. This manual shall be read in conjunction with the EAC Voting System Testing and Certification Manual. 1.5. Manual Maintenance and Revision. The Manual will be reviewed periodically and updated to meet the needs of the EAC, VSTLs, election officials, and public policy. The EAC is responsible for revising this document. All revisions will be made consistent with Federal law. Substantive input from stakeholders and the public will be sought whenever possible. Changes in policy requiring immediate implementation will be noticed via policy memoranda and will be issued to each VSTL and registered Manufacturers. Changes, addendums, or updated versions will also be posted to the EAC Web site at www.eac.gov. 1.6. Clarification of Program Requirements and Procedures. VSTLs and registered Manufacturers may request clarification regarding the requirements and procedures set forth in this manual. Requests for clarification must be based upon ambiguity arising from the application of this manual. Hypothetical questions will not be considered. Requests shall be submitted to the Program Director in writing. The request shall clearly identify the section of the manual and issue to be clarified, a proposed interpretation and all relevant facts. Clarifications issued by VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 the EAC will be provided to all EAC VSTLs, registered Manufacturers and placed on EAC’s Web site. 1.7. Program Personnel. All EAC personnel and contractors associated with this program will be held to the highest ethical standards. All agents of the EAC involved in the Accreditation Program will be subject to conflict-ofinterest reporting and review, consistent with Federal law and regulation. 1.8. Submission of Documents. Any documents submitted pursuant to the requirements of this Manual shall be submitted: 1.8.1. If sent electronically, via secure e-mail or physical delivery of a compact disk, unless otherwise specified. The submitted electronic files shall be in Microsoft Word or Adobe PDF format, formatted to protect the document from alteration. 1.8.2. With a proper signature when required by this Manual. Documents that require an authorized signature may be signed with an electronic representation or image of the signature of an authorized management representative. 1.8.3. If sent via physical delivery, by Certified Mail TM (or similar means that allows tracking) to the following address: Testing and Certification Program Director, U.S. Election Assistance Commission, 1225 New York Avenue, NW., Suite 1100, Washington, D.C. 20005. 1.9. Receipt of Documents—VSTL. For purposes of this Manual, a document, notice, or other communication is considered received by a VSTL upon one of the following: 1.9.1. The actual, documented date the correspondence was received (either electronically or physically) at the VSTL, or 1.9.2. If no documentation of the actual delivery date exists, the date of constructive receipt of the communication. For electronic correspondence, documents will be constructively received the day after the date sent. For mail correspondence, the document will be constructively received 3 days after the date sent. 1.9.3. The term ‘‘receipt’’ shall mean the date a document or correspondence arrives (either electronically or physically) at the VSTL’s place of business. Arrival does not require that an agent of the VSTL open, read, or review the correspondence. 1.10. Receipt of Documents—EAC. For purposes of this Manual, a document, notice, or other communication is considered received by the EAC upon its physical or electronic arrival at the agency. All documents received by the agency will PO 00000 Frm 00006 Fmt 4701 Sfmt 4703 be physically or electronically date stamped. This stamp shall serve as the date of receipt. Documents received after the regular business day (5:00 PM Eastern Standard Time), will be treated as if received on the next business day. 1.11. Record Retention—EAC. The EAC shall retain all records associated with accreditation of Voting System Test Laboratories. The records shall otherwise be retained or disposed of consistent with Federal statutes and regulations. 1.12. Publication and Release of Documents. The EAC will release documents consistent with the requirements of Federal law. It is EAC policy to make the laboratory accreditation process as open and public as possible. Any documents (or portions thereof) submitted under this program will be made available to the public unless specifically protected from release by law. The primary means for making this information available is through the EAC Web site. See Chapter 7 of this Manual for additional information. 1.13. References. The following documents are referenced in this Manual. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. —ISO/IEC 17011, Conformity assessment—General requirements for accreditation bodies accrediting conformity assessment bodies. —ISO/IEC 17025, General requirements for the competence of testing and calibration laboratories. —NIST Handbook 150, (NVLAP) Procedures and General Requirements. —NIST Handbook 150–22, (NVLAP) Voting System Testing. 1.14. Definitions. For purposes of this Manual, the terms listed below have the following definitions. Applicant Laboratory. An independent, non-Federal laboratory which has applied for EAC accreditation after receipt of an invitation. Commission. The U.S. Election Assistance Commission, as an agency. Commissioners. The serving commissioners of the U.S. Election Assistance Commission. Contracted Third Party Laboratory. A laboratory contracted or otherwise providing testing services to a VSTL to meet program requirements. Days. Calendar days, unless otherwise noted. When counting days, for the purpose of submitting or receiving a document, the count shall begin on the first full calendar day after the date the document was received. E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices Election Official. A State or local government employee who has as one of his or her primary duties the management or administration of a Federal election. Federal Election. Any primary, general, runoff, or special Election in which a candidate for Federal office (President, Senator, or Representative) appears on the ballot. Fielded Voting System. A voting system purchased or leased by a State or local government that is being use in a Federal election. Gift. A Gift includes any gratuity, favor, discount, entertainment, travel, service, hospitality, loan, meal, forbearance, or other item having monetary value. Integration Testing. The end-to-end testing of a full system configured for use in an election to assure that all legitimate configurations meet applicable standards. Key Laboratory Staff. Laboratory employees serving as approval authorities of test reports (approved signatories per NIST Handbook 150) or otherwise responsible for the supervision of individuals performing voting system testing. Lead Voting System Test Laboratory. The accredited Voting System Test Laboratory identified on an EAC approved Application for Testing (EAC Voting System Testing and Certification Program Manual, Sec. 4.3, Certification Application). Manufacturer. The entity with ownership and control over a voting system submitted for certification. Memorandum for the Record. A written statement drafted to document an event or finding, without a specific addressee other than the pertinent file. Proprietary Information. Commercial information or trade secrets protected from release under the Freedom of Information Act (FOIA) and the Trade Secrets Act. Recommended Laboratory. A laboratory recommended for EAC accreditation by the Director of NIST after evaluation by NVLAP. Scope of Accreditation. The version or versions of the Federal voting system standards (VSS or VVSG) to which a VSTL is authorized to test. Technical Reviewers. Technical experts in the areas of voting system technology and conformity assessment appointed by the EAC to provide expert guidance. Testing and Certification Decision Authority. The EAC Executive Director or Acting Executive Director. Testing and Certification Program Director. The individual appointed by the EAC Executive Director to VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 administer and manage the Testing and Certification Program. Voting System. The total combination of mechanical, electromechanical, and electronic equipment (including the software, firmware, and documentation required to program, control, and support the equipment) that is used to define ballots, cast and count votes, report or display election results, interface the voting system to the voter registration system, and maintain and produce any audit trail information. Voting System Standards. Voluntary voting system standards developed by the FEC. Voting System Standards have been published twice: once in 1990 and again in 2002. The Help America Vote Act made the 2002 Voting System Standards EAC guidance. All new voting system standards are issued by the EAC as Voluntary Voting System Guidelines. Voting System Test Laboratories (VSTLs). Laboratories accredited by the EAC to test voting systems to EAC approved voting system standards. Voluntary Voting System Guidelines. Voluntary voting system standards developed, adopted, and published by the EAC. The guidelines are identified by version number and date. 1.15. Acronyms and Abbreviations. For purposes of this Manual, the acronyms and abbreviations listed below represent the following terms. Accreditation Program. The EAC Voting System Test Laboratory Accreditation Program Certification Program. The EAC Voting System Testing and Certification Program EAC. United States Election Assistance Commission FEC. Federal Election Commission HAVA. Help America Vote Act of 2002 (42 U.S.C. § 15301 et seq.) ISO/IEC. The International Organization for Standardization & The International Electrotechnical Commission NASED. National Association of State Election Directors NIST. National Institute of Standards and Technology NVLAP. National Voluntary Laboratory Accreditation Program Program Director. Director of the EAC Testing and Certification Program VSS. Voting System Standards VSTL. Voting System Test Laboratory VVSG. Voluntary Voting System Guidelines 2. Program Requirements 2.1. Overview. This chapter lists the requirements of the EAC’s Voting System Test Laboratory Program. Adherence to these requirements is a PO 00000 Frm 00007 Fmt 4701 Sfmt 4703 50145 condition of accreditation and a continuing obligation. Failure to demonstrate compliance with the requirements of this chapter may result in the denial of an application for accreditation, suspension of accreditation, or revocation of accreditation. 2.2. Program Requirements— Generally. In order to be considered for, receive, and maintain an EAC accreditation as a VSTL, laboratories must demonstrate compliance with the requirements of EAC’s Voting System Test Laboratory Program. The program requirements are set forth in this Chapter. 2.2.1. Continuing Compliance Obligation. VSTLs have a continuing obligation to meet the requirements set forth in this Chapter. VSTLs are required to maintain their compliance with the program’s requirements as long as they hold an EAC accreditation. 2.2.2. Requests to Document Compliance. VSTLs may be required by the EAC to document compliance at any time. Such requests will be in writing and VSTLs shall respond timely, consistent with the request (see Chapter 4 of this Manual). 2.2.3. Failure to Comply, Effect. Failure to meet each of the program’s requirements may result in the denial of an application for accreditation, suspension of accreditation, or revocation of accreditation, consistent with the procedures of Chapter 5 of this Manual. 2.3. NIST Recommendation. As a condition of accreditation, all laboratories must be recommended to the EAC by the National Institute of Standards and Technology (NIST), unless the emergency provisions of Chapter 3 apply. NIST is responsible, pursuant to the Help America Vote Act of 2002, Section 231(b), for performing a technical evaluation of laboratories and identifying and recommending those competent to test voting systems. This recommendation is provided directly to the EAC from NIST. 2.4. NVLAP Accreditation. As a condition of accreditation, all VSTLs must hold a valid accreditation from NIST’s National Voluntary Laboratory Accreditation Program (NVLAP), unless the emergency provisions of Chapter 3 apply. NVLAP accreditation is the primary means by which the EAC may ensure that each VSTL meets and continues to meet the technical requirements of the EAC program. It sets the standards for each of VSTL’s technical, physical, and personnel resources, as well as its testing, management, and quality assurance policies and protocols. The loss or E:\FR\FM\25AUN2.SGM 25AUN2 50146 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices jlentini on PROD1PC65 with NOTICES2 suspension of a NVLAP accreditation will result in the suspension and possible revocation of any EAC accreditation consistent with the procedures of Chapter 5 of this Manual. VSTLs are required to immediately report any change in their NVLAP accreditation status to the EAC. 2.5. Conflict of Interest and Prohibited Practices Program. As a condition of accreditation, all laboratories must maintain and enforce policies which prohibit and prevent conflicts of interest or the appearance of conflicts of interest. A laboratory shall ensure that neither the Laboratory, its parent corporation, contracted third party laboratories, nor any individual staff member involved in the testing of voting systems have any vested interest in the outcome of the test process. Laboratories must have a written policy in place. This policy must, at a minimum, (1) prohibit conflicts of interest and other prohibited practices and (2) provide for enforcement, consistent with the subsections below. 2.5.1. Prohibited Conflicts of Interest. The purpose of a conflict of interest policy is to prevent situations where the exercise of an official duty directly impacts the actor’s financial interests. For the purposes of this program, a prohibited conflict of interest exists if the duties and responsibilities of a laboratory, parent corporation, or a laboratory employee involved in the testing of voting systems under EAC’s Certification Program will have a direct and predictable effect on the financial interest of that laboratory, parent corporation, or a laboratory employee.1 For example, an employee who is responsible for testing a voting system on behalf of a VSTL would be prohibited from holding a financial interest in the entity whose product is being tested or a direct competitor of that entity. A prohibited conflict of interest would also include a contractual or other fiduciary relationship between a VSTL or VSTL employee and a Manufacturer (outside an agreement for State or Federal certification testing) when that VSTL or VSTL employee is concurrently responsible for conducting certification testing for that Manufacturer under this program. Additionally, financial interests may be imputed or attributed to a laboratory, parent corporation, or a laboratory employee through a 1 For the purpose of this Program, agreements with voting system manufacturers to provide testing pursuant to the requirements of EAC or a State’s certification program do not constitute a prohibited conflict of interest. Certification testing is considered a duty and responsibility of a VSTL, not an outside financial interest. VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 relationship with a third party. For example, a VSTL employee responsible for the testing of a voting system would be conflicted from performing his or her duties if his or her spouse owned a financial interest in the manufacture of the voting system. 2.5.1.1. Involved in Testing—Defined. For the purposes of a financial conflict of interest, an organization is involved in the testing of a voting system any time it contractually or otherwise takes on the responsibility for testing a voting system to Federal standards under EAC’s Certification Program. For the purposes of a financial conflict of interest, an employee is involved in the testing of a voting system when the individual’s duties as a VSTL employee require him or her to perform testing on the system, manage the testing process or supervise those who perform testing on the system. 2.5.1.2. Financial Interest—Defined. The term includes any current or contingent ownership, equity, or security interest in real or personal property or a business and may include an indebtedness or compensated employment relationship. It thus includes, for example, interests in the nature of stocks, bonds, partnership interests, fee and leasehold interests, and other property rights, deeds of trust, and liens, and extends to any right to purchase or acquire any such interest, such as a stock option or commodity future. 2.5.1.3. Direct Effect—Defined. A matter will have a direct effect on a financial interest if there is a close causal link between any decision or action to be taken in the matter and any expected effect of the matter on the financial interest. An effect may be direct even though it does not occur immediately. A matter will not have a direct effect on a financial interest, however, if the chain of causation is attenuated or is contingent upon the occurrence of events that are speculative or that are independent of, and unrelated to, the matter. A matter that has an effect on a financial interest only as a consequence of its effects on the general economy does not have a direct effect within the meaning of this section. 2.5.1.4. Predictable Effect—Defined. A matter will have a predictable effect if there is a real, as opposed to a speculative possibility that the matter will affect the financial interest. It is not necessary, however, that the magnitude of the gain or loss be known, and the dollar amount of the gain or loss is immaterial. 2.5.1.5. Imputed Interests—Defined. An imputed interest is a financial PO 00000 Frm 00008 Fmt 4701 Sfmt 4703 interest held by a third party individual or organization that serves to disqualify an employee or laboratory to the same extent as if they were the employee’s or laboratory’s own interest. These interests include: 2.5.1.5.1. The financial interests of a spouse or dependent child shall be imputed to an employee. 2.5.1.5.2. The financial interest of any organization in which a laboratory, parent corporation, or a laboratory employee serves as an employee, officer, board member, partner, consultant, director, trustee or similar position shall be imputed. 2.5.1.5.3. The interests of any contracted third party laboratory shall be imputed to the utilizing VSTL. 2.5.1.5.4. The financial interest of a person or organization with whom an employee is negotiating or has an arrangement concerning prospective employment shall be imputed. 2.5.2. Prohibited Practices. Furthermore, irrespective of the existence of a conflict of interest, it is a prohibited practice for a laboratory, parent corporation, or laboratory employee to be involved in the development of a voting system or solicit or receive a gift from a voting system Manufacturer. No laboratory, parent corporation, or laboratory employee may: 2.5.2.1. Voting System Development and Testing. Provide, or have provided, consultation, developmental testing or other services to a voting system developer such that the independence, or appearance of independence, in the testing of a particular voting system or system component would be compromised. 2.5.2.1.1. A laboratory or individual may not be involved in both the development of a voting system and the certification of a system. Voting system development includes any testing, consultation or design work performed in order to ready a specific system for the marketplace or the certification process. Generally, any testing performed on behalf of a voting system manufacture that was not otherwise performed pursuant to a State or Federal voting system certification program will be considered developmental in nature. 2.5.2.1.2. The prohibition barring participation in both development and testing is voting system specific. An employee or laboratory that was previously involved 2 in product development with a Manufacturer is not 2 The prohibition relates to a VSTL’s prior involvement in system development. Concurrent development work and testing may constitute a prohibited conflict of interest under Section 2.5.2 of this Manual. E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices prohibited from testing all systems produced by that Manufacturer, just those systems in which the employee or laboratory participated directly in development. As voting systems are subject to change over time, for the purposes of this prohibition, a voting system shall be considered altered to the degree that it is a different system when: 2.5.2.1.2.1. A period of at least three years has passed since the VSTL or employee was involved in the system’s development; 2.5.2.1.2.2. The system has been subject to both software and hardware modification since the VSTL or employee was involved in the system’s development. De minimis changes (as defined in EAC Voting System Testing and Certification Program Manual) are not modifications; AND 2.5.2.1.2.3. The system has received a certification after being tested by a different independent laboratory since the VSTL or employee was involved in the system’s development. 2.5.2.1.3. The prohibition barring participation in both development and testing does not prohibit a VSTL from allowing a Manufacturer to perform onsite hardware mitigation on a voting system in response to a minor system failure or anomaly. In such cases the VSTL: 2.5.2.1.3.1. Shall suspend all hardware testing; 2.5.2.1.3.2. Shall not participate or assist the Manufacturer in remediation; 2.5.2.1.3.3. May provide testing equipment and qualified operators to the Manufacturer for its use; 2.5.2.1.3.4. Shall monitor and document the Manufacturer’s access to the system consistent with Section 2.11.1. of this manual; and 2.5.2.1.3.5. Shall document in the test report the failure or anomaly and remedial action taken by the Manufacturer consistent with Section 2.10.5.2.1 of this Manual and Chapter 4 of EAC’s Certification Manual (anomaly matrix). 2.5.2.2. Gifts. Solicit or receive a gift, directly or indirectly, from any entity which holds a financial interest in the development, production, or sale of voting systems, or is otherwise impacted by the testing and certification of voting systems. Gifts given or received under circumstances which make it clear that the gift is motivated by a family relationship or personal friendship rather than position are not prohibited. Relevant factors in making such a determination include the history of the relationship and whether the family member or friend personally pays for the gift. VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 2.5.3. Program Enforcement Elements. Prohibited conflicts and practices shall be enforced through a written program which: 2.5.3.1. Regarding Employees Involved in the Testing of Voting Systems. 2.5.3.1.1. Annually collects standard information from each employee, including assets, debts, outside or prior activities/employment, gifts, and any work on voting system development sufficient to demonstrate compliance with Section 2.5.1. and 2.5.2. of this Manual. The information collection must also reflect the financial interests of those individuals (like spouses and minor children) whose interests are imputed to the employee; 2.5.3.1.2. Requires and documents the review of information collected for potential conflicts and prohibited practices; and 2.5.3.1.3. Resolves all identified conflicts of interest or prohibited practices prior to the employee or laboratory’s involvement in the testing of any voting system. Such resolution shall be documented. Resolutions may include the divestiture of assets or gifts, employee resignation from outside organizations, or the altering of an employee’s responsibilities by prohibiting participation in Voting System Testing or the testing of a specific system. 2.5.3.2. Regarding the VSTL or VSTL’s Parent Corporation. 2.5.3.2.1. Annually collects information pertaining to the holdings and activities of the VSTL and its parent corporation(s), sufficient to demonstrate compliance with Section 2.5.1. and 2.5.2. of this Manual; 2.5.3.2.2. Requires and documents the review of collected information for potential conflicts and prohibited practices; and 2.5.3.2.3. Resolves all identified conflicts of interest or prohibited practices prior to the laboratory’s testing of any voting system. Such resolution shall be documented. Resolutions may include the divestiture of assets or gifts, the termination or rejection of conflicted or prohibited testing work. 2.5.3.3. Regarding Contracted Third Party Laboratories. The interest of a contracted third party laboratory may be imputed to a VSTL. VSTLs may meet and enforce the program requirements of this section with regard to this relationship in one of two ways: 2.5.3.3.1. Collection of third party laboratory information, review of information and resolution of conflicts or prohibited practices: 2.5.3.3.1.1. Collect information pertaining to the holdings and activities PO 00000 Frm 00009 Fmt 4701 Sfmt 4703 50147 of the third party laboratory and its employees, sufficient to demonstrate compliance with Section 2.5.1. and 2.5.2. of this Manual. This includes gathering information concerning any involvement by the third party laboratory or its employees in the development of specific voting systems. This collection of information shall be performed prior to the execution of any contract for the testing of voting systems under this program and annually thereafter if the contract exceeds one year in duration. 2.5.3.3.1.2. Require and document the review of collected information for potential conflicts, and 2.5.3.3.1.3. Resolve all identified conflicts of interest prior to the laboratory’s testing of any voting system. 2.5.3.3.2. VSTL Supervision of third party laboratories performing non-core testing. Where a third party laboratory is subject to direct VSTL supervision and observation, the third party laboratory’s conflicts of interest or prohibited practices will not be imputed to the lead VSTL. Direct VSTL supervision under this section requires that a VSTL employee is physically present during the third party testing and directly observes and supervises the testing. This VSTL employee must: (1) have been properly vetted for conflict of interest and prohibited practices pursuant to Section 2.5 of this Manual, (2) be competent to supervise the testing being performed and (3) have no financial interest in the third party laboratory they are supervising. 2.5.4. Waivers. In rare circumstances, prohibited practices or conflicts of interest may be waived by the EAC after the conflict or prohibited practice is properly disclosed to the agency. Waivers may be granted at the sole discretion of the Program Director. 2.5.4.1. Requesting a Waiver. A request for a waiver shall be made in writing to the EAC Program Director. The request shall fully disclose the conflict of interest or prohibited practice for which the waiver is sought. The request shall also describe all steps taken to resolve the conflict or prohibited practice and the reasons why such attempts were unsuccessful or otherwise untenable. The request shall also state why the waiver should be granted, consistent with the standard in Section 2.5.4.2. 2.5.4.2. Waiver Standard. A disqualifying conflict of interest or prohibited practice is subject to waiver when the issuance of a waiver is in the best interest of the EAC Certification Program and the identified conflict or practice is unlikely to affect the integrity E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 50148 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices or impartiality of the VSTL or VSTL employee’s services under the EAC Certification Program. The Program Director may consider the following factors in making a waiver determination: 2.5.4.2.1. The value of any disqualifying financial interest; 2.5.4.2.2. The nature and impact of any prohibited practice; 2.5.4.2.3. The role and responsibility of the employee subject to the conflict of interest or prohibited practice; 2.5.4.2.4. The availability of other employees, VSTLs or laboratories to conduct the testing without a conflict or prohibited practice. 2.5.4.2.5. The level of discretion or sensitivity required to perform the conflicted or prohibited duties under the certification program; 2.5.4.2.6. The ability of an EAC waiver to adjust a VSTL or VSTL employee’s testing process and duties or otherwise mandate additional safeguards which would limit or abrogate the impact of the conflict of interest or prohibited practice. 2.5.4.3. Issuing a Waiver. Any waiver issued by the Program Director shall be made in writing to the requestor. The waiver shall state with specificity the conflict of interest or prohibited practice waived. The waiver shall also clearly state any conditions for its issuance, such as mitigating processes or procedures or safeguards. The VSTL is responsible for meeting all waiver conditions prior to engaging in the waived activity. Failure to meet such condition may result in the revocation of a VSTLs accreditation. The Program Director shall publish all waivers on the EAC Web site. 2.5.4.4. Denying a Request for a Waiver. Any decision denying a request for a waiver shall be made by the Program Director in writing and provided to the VSTL. The Program Director shall publish all waiver denials on the EAC Web site. 2.6. Personnel Policies. As a condition of accreditation, all laboratories shall have in place written policies to ensure that the Laboratory does not employ individuals, in any capacity related to the testing of voting systems, who have been convicted of a felony offense or any criminal offense involving fraud, misrepresentation, or deception under either Federal or State law. The VSTL shall have a program in place to enforce this policy and document such enforcement. 2.7. Notification of Changes. As a condition of accreditation, all laboratories shall agree to notify the EAC in writing within fifteen (15) calendar days of any significant changes VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 in laboratory operations from what the Laboratory described in any assertion that served as the basis for its EAC accreditation, including any assertions made to NIST’s NVLAP or to the EAC pursuant to Chapter 3 of this Manual. Examples of events that require written notification include, but are not limited to: 2.7.1. A Laboratory’s decision to withdraw from the EAC’s program; 2.7.2. Changes in ownership of the Laboratory (other than minor-less that 15%-change in stock ownership), 2.7.3. A change in location of the Laboratory facility, or 2.7.4. Personnel changes in key staff positions. 2.8. Site Visits. As a condition of accreditation, all laboratories shall allow EAC representatives to enter their voting system testing and management facilities pursuant to the procedures and requirements of Chapter 4 of this Manual. 2.9. Notice of Lawsuits. As a condition of accreditation, all laboratories shall provide notice to the EAC of any lawsuits or claims filed against it, its subcontractors, subsidiaries, employees, officers, owners, operators, or insurers while the Laboratory holds an EAC accreditation and which relate to the work performed in, or management of, the Laboratory’s voting system testing program. 2.10. Testing, Technical Practices and Reporting. As a condition of accreditation, each VSTL shall perform testing in conformance with the relevant standards of the applicable Federal Standards (VVSG or VSS). Additionally, the VSTL shall create written reports of such testing consistent with the requirements of the latest version of the VVSG, EAC’s Voting System Testing and Certification Manual, any applicable test suites mandated by the EAC, and any other written guidance published by the EAC. 2.10.1. Test Plan Package. The VSTL shall submit a test plan package directly to the EAC consistent with the requirements of the Voting System Testing and Certification Manual, the latest version of the VVSG, this Manual and any other written guidance from the EAC. A test plan package includes: 2.10.1.1. Requirements Matrix. The Requirements Matrix is a form developed by the EAC which identifies each requirement found in Federal voting system standards (a version of the VVSG or VSS). VSTLs will be required to identify the standards that apply to the system being tested, identify the testing to be performed and provide additional information as required. The Requirements Matrix and PO 00000 Frm 00010 Fmt 4701 Sfmt 4703 instructions for its completion may be found on EAC Web site at www.eac.gov. The matrix will serve as both a tool to identify and a means to document what should be tested and how. 2.10.1.2. Test Plan. The purpose of the Test Plan is to provide information regarding test methods. The Test Plan contains more detail than the Requirements Matrix. 2.10.1.2.1. Format. VSTLs shall format each test plan consistent with the requirements of Appendix A of this Manual. 2.10.1.2.2. Content. Each test plan shall identify applicable voting system standards and contain a description of the testing proposed to verify conformance. Also, each test plan shall contain a statement indicating the scope of the labs accreditation. * Required Content. For each test, the test plan shall provide detailed information referencing testing to be performed, including facility requirements, test set-up, test sequence, data recording requirements and pass criteria.3 * Exception. Where a VSTL utilizes EAC mandated or approved test methods, the test plan may simply reference these methods and identify, with specificity, all deviations. Mandated test methods are those test methods required for use by the EAC. Approved test methods are standard, verified VSTL test methods approved by the EAC. VSTLs may submit standard test methods for approval by submitting them in writing to the Program Director. 2.10.2. Test Case. After approval of the VSTLs Test Plan, the VSTL shall develop Test Cases. A Test Case is a system specific, step-by-step test procedure or laboratory testing process that provides detailed test operation procedures sufficient for trained laboratory personnel to fully conduct a given test and produce repeatable results. The VSTL shall inform the EAC, in writing, when all test cases for the voting system under test have been completed. This notice shall include an index identifying each test case created to test the system. The notification should indicate if these are standard test cases, modified standard test cases, or a new test case. These test cases shall be available to the EAC for review and approval upon request. 3 This requirement is consistent with International Standards Organization requirements, which serve as a basis for NIST NVLAP’s accreditation and recommendation to the EAC. Where established and approved test methods do not exist, ISO Standard 17025, Section 5.4.4., NonStandard Method requires the testing to be validated by the laboratory prior to use. The EAC will review and approve the validated test methods. E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices 2.10.3. Testing. The highest standards shall be applied to the testing of voting systems. VSTLs shall perform testing in conformance with the relevant standards of the applicable Federal Standards (VVSG or VSS) and consistent with any written EAC interpretations of these standards. The Laboratory shall maintain its technical practices consistent with the standards which served as the basis for its NVLAP accreditation. These standards include International Standard ISO/IEC 17025, General Requirements for the Competence of Testing and Calibration Laboratories; NIST Handbook 150, Procedures and General Requirement; NIST Handbook 150–22, Voting System Testing; any documents supplementing, updating or replacing these standards or handbooks; and any pertinent EAC guidance. When conducting testing under EAC’s program, VSTLs shall only perform testing of voting systems consistent with the scope of their accreditation. 2.10.4. Third Party Testing. Lead VSTL’s may contract or otherwise provide for the testing of voting systems by third parties under this program. However, the lead VSTL shall be responsible for the accuracy, quality assurance, and results of all tests performed. Under this program, no VSTL may perform or contract for the performance of testing outside the scope of its accreditation. Testing performed directly by lead VSTL personnel using third party contractor equipment and facilities is not considered third party testing. 2.10.4.1. Core Testing. Core voting system testing may only be performed by VSTLs. Therefore, a VSTL may only contract or otherwise provide for the core testing of voting systems if it uses a third party VSTL. Core testing includes: Technical Data Package review, physical configuration audit, source code review, functional configuration audit, system integration testing, volume testing, and security testing (not including cryptographic testing). 2.10.4.2. Non-Core Testing. Non-core testing may be performed by non-VSTLs if they hold an EAC recognized accreditation to perform the relevant testing. The EAC recognizes two national accreditation bodies, NIST’s NVLAP program and the American Association of Laboratory Accreditation (A2LA). Generally, a VSTL may only contract or otherwise provide for the non-core testing of voting systems if it uses a NVLAP or A2LA laboratory accredited to the specific scope of testing necessary. Non-core testing includes: Electromagnetic compatibility VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 50149 testing, telecommunications testing, environmental testing, electrical testing, acoustical testing, and cryptographic testing.4 In limited circumstances, laboratories not holding a recognized accreditation may be used by VSTLs for non-core testing only after approval by EAC’s Program Director. Requests for such approval must be made in writing and demonstrate: (1) That there is no recognized laboratory available within a reasonable window of availability and geographic proximity (generally within the continental United States) and (2) that the VSTL has conducted a thorough assessment of the third party laboratory’s capabilities, quality system, management system, and/or alternative accreditations and have determined and documented that the laboratory is qualified to perform testing. The EAC may visit, interview or audit any nonaccredited laboratory at any time before, during, or after the testing has occurred to verify their qualifications. 2.10.4.3. VSTL Responsibilities. Lead VSTLs are responsible for all tests performed on voting systems submitted to them by Manufacturers under EAC’s Testing and Certification Program. This includes testing (both core and noncore) performed by third party laboratories under their direction (including third party VSTL laboratories). Any procedural or substantive irregularities or errors which occur during the third party testing process will be imputed to the responsible lead VSTL. Such failures may serve as a basis for the revocation of accreditation. Lead VSTLs using third party laboratories (consistent with Sections 2.10.4.1 through 2.10.4.2, above) shall take steps to ensure that the third party laboratories they employ meet the standards of this Program. At a minimum, the lead VSTLs shall ensure: 2.10.4.3.1. The third party laboratory provides the lead VSTL verifiable documentation regarding its relevant accreditation; 2.10.4.3.2. Any hardware tested by the qualified third party laboratory is first validated by the lead VSTL as the same hardware presented to it for certification; 2.10.4.3.3. The third party laboratory provides the lead VSTL with evidence that it will direct its activities in compliance with any and all relevant VVSG requirements for testing and that the testing was, in fact, performed consistent with such specific requirements. Any special procedures, tools, or testing software necessary to meet VVSG requirements must be validated by the lead VSTL prior to use. For example, the VVSG requires that systems be tested while operating and that such operation be in a manner and under conditions that simulate election use. In such cases, the lead VSTL must ensure that the third party laboratory will properly implement the VVSG requirements, validate its election simulation tools, and properly performed the testing; 2.10.4.3.4. The lead VSTL performs all system accuracy, reliability, functionality and integration testing; and 2.10.4.3.5. The third party laboratory issues a report to the lead VSTL that fully documents its testing such that the lead VSTL may demonstrate compliance with this section and produce a report consistent with Section 2.10.5 of this Manual. 2.10.5. Test Report Package. The Test Report Package represents the culmination of the testing process. As such, it is vital that it accurately and completely document the testing performed and the results of such testing. VSTLs shall submit Test Report Packages directly to the EAC. The packages shall include: 2.10.5.1. Requirements Matrix. VSTLs shall complete the requirements matrix originally submitted with its test plan (see Section 2.10.1 above). The Requirements Matrix and instructions for its completion may be found on the EACs Web site at www.eac.gov. The final submission of the Requirements Matrix will serve as verification that the VSTL performed the testing required to demonstrate compliance with voting system standards. 2.10.5.2. Test Report. VSTLs shall provide a test report. 2.10.5.2.1. Content. All test reports shall document the testing process, including the documentation and justification of any divergence from the EAC approved test plan, methods, or cases and the identification of all failures and/or anomalies along with any remedial action taken 5 (see Chapter 4 of the EAC’s Voting System Testing and Certification Manual regarding the anomaly matrix). Test reports shall also document any prescribed maintenance or modifications, performed by the Manufacturer, to a voting system in testing. Such maintenance or modifications shall be monitored by the 4 For the purposes of the EAC’s Voting System Test Laboratory Program, non-core cryptographic testing includes all testing involving evaluation of cryptographic operation and key management. 5 VSTLs must report all errors and anomalies identified in the test campaign even when an error is identified during the testing of unrelated functionality. PO 00000 Frm 00011 Fmt 4701 Sfmt 4703 E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 50150 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices VSTL consistent with Section 2.11.1 of this Manual. 2.10.5.2.2. Format. To the greatest extent possible, VSTLs shall write reports such that they are understandable to non-technical persons. As the EAC will publish these reports (bar portions prohibited by law), VSTLs shall refrain from including in them trade secrets or other commercial information protected from release unless substantively required. Where information protected from release may be included, it shall be identified consistent with Chapter 7 of this Manual. VSTLs shall format each test report consistent with the requirements of Appendix B of this Manual. 2.10.5.3. VSTL Attestation. The VSTL shall provide a letter, signed by a representative authorized to take action on behalf of the VSTL (see Sections 2.13 and 3.4.1.6. of this Manual), which attests that (1) all testing prescribed by the test plan or amended test plan was performed as identified or the divergence from the test plan was properly documented, (2) all identified voting system anomalies or failures were reported and resolved, (3) that the test report is accurate and complete, and (4) the VSTL recommends the system for certification. 2.10.6. Acceptance of Prior Testing. Generally, a valid test previously performed on a voting system by a VSTL, or by a third party test laboratory operating at the direction of a VSTL, may be reused at the discretion of the lead VSTL. The EAC encourages VSTLs to use such testing to fulfill current certification requirements. The EAC will accept prior testing only when the below requirements are met. Lead VSTLs are responsible for ensuring that the prior testing has met these requirements. Prior testing is valid when: 2.10.6.1. The discrete software or hardware component previously tested is demonstrably identical to that presently offered for testing. Lead VSTLs must examine the components to ensure no change has taken place consistent with all documentation. When valid prior testing is used, the system presented must be subject to regression testing, functional testing and system integration testing; 2.10.6.2. The voting system standards and relevant EAC interpretations applicable to the prior and current testing are identical; 2.10.6.3. The test methods used are equivalent or identical to current test methods approved by the EAC; 2.10.6.4. The prior testing has been reviewed by the VSTL and no errors or omissions are apparent. Any errors or VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 omissions identified shall be reported to the EAC; and 2.10.6.5. The adoption and use of prior testing is noted in the test plan and test report. Like all testing, prior testing is subject to EAC review and approval. 2.10.7. Termination of Testing Prior to Completion. In the event testing is terminated prior to completion, VSTLs are required to notify the EAC Program Director. This notification shall be in writing and state the reasons for termination, provide a list of all testing completed, and produce a matrix of test anomalies or failures pursuant to Section 4.5.2 of the EAC Testing and Certification Program Manual. 2.10.7.1. Termination Defined. Voting system testing shall be considered terminated when the testing process is permanently ended or otherwise halted without a specific plan to recommence within 180 days of the last test performed. 2.10.7.2. Effect of Termination. Notification of termination will result in the suspension of the Manufacturer’s Certification Application. Additionally, the termination and VSTL’s written notice shall be posted on EAC’s Web site. 2.10.7.3. Resubmission after Termination. Manufacturers may resubmit a system previously terminated by submitting an updated application consistent with Chapter 4 of the Voting System Testing and Certification Program Manual. Pursuant to Section 2.11 of this Manual and Section 4.3.1.2 of the Voting System Testing and Certification Program Manual, a system resubmitted to the EAC after termination must be tested by the VSTL identified on the original application. 2.11. Laboratory Independence. As a condition of accreditation, all laboratories shall maintain their independence from voting system Manufacturers, consistent with their roles and responsibilities as a key component of the EAC Certification program. VSTLs shall maintain an arm’s length relationship with the manufacturers and avoid even the appearance of improper conduct. In order to maintain independence, VSTLs shall adhere to the following independence principles and requirements: 2.11.1. Testing Independence. Consistent with the requirements of this Manual, only the lead VSTL identified on a voting system’s application form may test or oversee the testing of that system. Under no circumstances may a Manufacturer perform or participate in any testing which will serve as the basis PO 00000 Frm 00012 Fmt 4701 Sfmt 4703 of an EAC certification. Participation includes but is not limited to the observation of testing by the Manufacturer.6 Additionally, lead VSTL’s shall ensure that Manufactures’ do not have access to a system under test unless accompanied and monitored by a VSTL representative. 2.11.2. Decision Making. Determinations regarding testing, test requirements, and test results shall be made on the basis and for the purpose of ensuring that the systems tested meet Federal voting system standards. A VSTL’s primary purpose shall be to serve the public interest through adherence to the EAC Testing and Certification Program. 2.11.3. Single Laboratory Requirement. EAC’s Testing and Certification Program prohibits Manufacturers from changing laboratories during the testing process. Once a lead VSTL is identified to the EAC by the Manufacturer to test a system, a test report will not be accepted by the EAC from any other laboratory unless authorized pursuant to Chapter 4 of the EAC’s Voting System Testing and Certification Program Manual. This strict policy supports VSTLs in their independent decision making role. VSTLs shall immediately report to the EAC Certification Program Director any time a Manufacturer withdraws a product from testing or the testing is otherwise terminated (see Section 2.10.7. of this Manual). 2.11.4. Fee for Service. All fees paid by a Manufacturer to a VSTL shall be solely for services rendered. No payment may be accepted by a VSTL that is not directly linked to services necessary to complete system testing. No payment may be accepted by a VSTL that is conditioned or dependent on testing outcome. 2.11.5. Written Communications. To ensure and document the independent relationship between test laboratories and Manufacturers, all substantive discussions regarding the outcome, cost, payment and testing of a voting system shall be conducted or otherwise documented in writing by the VSTL. These records shall be maintained consistent with Section 2.15 of this Manual. Examples of substantive discussions between the lead VSTL and a Manufacturer include but are not limited to: 2.11.5.1. All contracts and amendments thereto; 6 Not all activities required for EAC Certification are ‘‘testing’’ activities. Examples of certification requirements that do not fall into the category of ‘‘testing’’ include trusted and witness builds. E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices 2.11.5.2. All discussions regarding the set up and operation of the voting system during testing; 2.11.5.3. All discussions with the Manufacturer regarding the test plan, test cases, testing, or the test report; and 2.11.5.4. All discussions regarding implementation or interpretation of the standards. 2.11.6. Testing Facilities. To avoid the appearance of impropriety and otherwise maintain laboratory independence, VSTLs shall not conduct testing 7 at a Manufacturer owned or controlled facility. If exceptional circumstances exist requiring that the VSTL use Manufacturer facilities, the VSTL may request a waiver from this prohibition. The request must be in writing to the Program Director and clearly state why such testing is necessary. A waiver may be granted at the sole discretion of the Program Director and may impose necessary restrictions, limitations and requirements on testing. Waivers will be granted only in exceptional circumstances. 2.11.7. Improper Influence. Any attempt by a Manufacturer to unduly influence the test process shall be immediately reported to the EAC’s Certification and Testing Program Director. 2.12. Authority to do Business in the United States. As a condition of accreditation, all laboratories shall be lawfully entitled or otherwise not prohibited from doing business with the United States or its citizens or operating in the United States. 2.13. Communications. As a condition of accreditation, all laboratories shall designate and identify an individual or individuals who may speak for and take action on behalf of the VSTL. VSTLs shall maintain an open line of communication with EAC’s Testing and Certification Program Director, providing prompt response to requests for information regarding the Program. 2.14. Resources and Financial Stability. As a condition of accreditation, all VSTLs shall allocate sufficient resources to enable the laboratory to properly use and maintain its test equipment, personnel, and facility and to satisfactorily perform all required laboratory functions. The laboratory shall maintain insurance policies sufficient to indemnify itself against financial liabilities or penalties that may result from its operations. VSTLs shall: 7 As noted in footnote 6, above, this requirement only applies to ‘‘testing’’ and does not include other certification activities such as trusted and witness builds. VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 2.14.1. Maintain insurance policies (see Section 3.4.1.8.) that indemnify the laboratory against the potential losses identified in its liability assessment (see Section 3.4.1.9.); and 2.14.2. Document solvency through demonstrating that the laboratory’s assets are greater than its liabilities in its audited financial statement (see Section 3.4.1.16.). 2.15. Recordkeeping. As a condition of accreditation, all laboratories shall have a written policy regarding the proper storage, management and retention of all records relating to the testing of voting systems. At a minimum, this policy shall require all forms, reports, test records, observations, calculations, and derived data for all tests performed on a given voting system (or component of said system) be retained for a period of at least 5 years after the last test performed on any version of that system (or component of any version of said system). The policy shall require that all documents are maintained in a safe and secure environment and stored in a manner that provides for organized and timely identification and retrieval. Additionally, all records must be kept in a data format usable and available to the EAC. 3. Accreditation Process 3.1. Overview. This chapter sets forth the required steps Applicant Laboratories must perform in order to receive an EAC Voting System Test Laboratory Accreditation. The process generally includes an application for and receipt of a NIST recommendation; receipt of an EAC invitation to apply; and the successful submission, acceptance and review of an EAC application. 3.2. NIST Recommendation. The Election Assistance Commission (EAC) is mandated under Section 231 of the Help America Vote Act of 2002 (HAVA) (42 U.S.C. § 15371(b)) to ‘‘* * * provide for the certification, de-certification and re-certification of voting system hardware and software by accredited laboratories.’’ As part of this process, HAVA requires the National Institute of Standards and Technology (NIST) to evaluate independent non-Federal test laboratories. NIST selects those laboratories technically qualified to test voting systems and recommends them to the EAC for accreditation. Generally, a Laboratory must have a NIST recommendation before it may be considered for EAC accreditation. 3.2.1. NIST Recommendation Process. NIST utilizes its National Voluntary Laboratory Accreditation Program (NVLAP) to perform this evaluation. PO 00000 Frm 00013 Fmt 4701 Sfmt 4703 50151 NIST, through the NVLAP process, assesses laboratory technical capabilities, procedures and personnel before recommending a laboratory for EAC accreditation. The requirements, procedures and application process for requesting consideration by NIST (for recommendation to the EAC) may be found at www.nist.gov/NVLAP or by contacting NIST at, National Voluntary Laboratory Accreditation Program, Standards Services Division, NIST, 100 Bureau Drive, Stop 2140, Gaithersburg, MD, 20899–2140. 3.2.2. Emergency EAC Accreditation without NIST Recommendation. HAVA authorizes the EAC to consider and accredit laboratories without a NIST recommendation (42 U.S.C. § 15371(b)(2)(B)). The EAC will accredit laboratories without a NIST recommendation only as an emergency action. 3.2.2.1. Emergency Action-Defined. The EAC will take emergency action only in instances where (1) there is a significant national need for accredited laboratory testing capacity that cannot be met by existing VSTL’s, (2) the shortage of laboratory testing capacity may cause a disruption in the orderly administration of Federal elections, and (3) NIST is not capable of timely providing new laboratories to meet needs. Consistent with HAVA, the EAC will publish its basis for emergency action following the above standards. 3.2.2.2. Emergency Action-Process. Laboratories shall be accredited by the EAC in an emergency action only after they have been properly assessed according to international standards and applicable NIST Guidance. These standards include International Standard ISO/IEC 17025, General Requirements for the Competence of Testing and Calibration Laboratories; NIST Handbook 150, Procedures and General Requirement; NIST Handbook 150–22, Voting System Testing; and/or any documents supplementing, updating or replacing these standards or handbooks. 3.2.2.3. Emergency ActionProvisional. Any accreditation provided by the EAC through its emergency action authority will be provisional in nature and limited in scope. All emergency accreditations must expire on a date certain. 3.3. EAC Invitation. After receipt of a NIST list of recommended laboratories, the EAC will send a letter to the laboratories inviting them to apply for EAC accreditation under the VSTL program. No laboratory may apply for EAC accreditation without an invitation from the Commission. The letter of invitation will identify the scope of E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 50152 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices accreditation for which the laboratory may apply. The invited laboratories must follow the application procedure noted in Section 3.4, below. 3.4. Application. EAC is the sole authority for Voting System Test Laboratory Accreditation. While NIST’s recommendation serves as a reliable indication of technical competency, the EAC must take additional steps to ensure that laboratory policies are in place regarding issues like conflict of interest, record maintenance, and financial stability. It must also ensure that the candidate laboratory is willing and capable to work with EAC in its Certification Program. To that end, applicant laboratories are required to submit a Letter of Application requesting accreditation. The letter shall be addressed to the Testing and Certification Program Director and attach (in either hard copy or on CD/ DVD) (1) all required information and documentation; (2) a signed letter of agreement; and (3) a signed certification of conditions and practices. 3.4.1. Information and Documents. The applicant laboratory must submit the information and documents identified below as a part of its application. These documents will be reviewed by the EAC in order to determine whether the applicant laboratory meets the program requirements identified in Chapter 2. The grant of EAC accreditation is subject to receipt of the information and EAC’s review and approval of the materials. The applicant laboratory shall properly label any documents, or portions of documents, it believes are protected from release under Federal law. 3.4.1.1. The legal name of the laboratory 3.4.1.2. Mailing address of the laboratory 3.4.1.3. Physical location of the laboratory (if different than the mailing address). 3.4.1.4. Name, phone number, fax number and e-mail address of the voting system testing program manager or individual otherwise immediately responsible for the voting system testing program. 3.4.1.5. Name, phone number, fax number, and e-mail address of the individual, CEO, president or otherwise titled head of the laboratory. 3.4.1.6. Name, title, phone number, fax number, and e-mail address of the individual or individuals designated to speak for and take action on behalf of the laboratory pursuant to Section 2.13 of this Manual. 3.4.1.7. The business contact information (such as point of contact, VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 address, Web site, e-mail address) to be posted by the EAC on its Web site. 3.4.1.8. The identity of the laboratory’s insurer(s), name of insured, and coverage limits for any comprehensive general liability policies, errors and omissions policies, professional liability policies, and bailee policies. 3.4.1.9. A written assessment of the laboratory’s commercial general liability. 3.4.1.10. A signed statement certifying that it maintains workman’s compensation policy coverage sufficient to meet the applicable State’s minimum requirements. 3.4.1.11. A copy of the laboratory’s organizational chart which includes the names of key staff responsible for the testing of voting systems. 3.4.1.12. A copy of the laboratory’s conflict of interest policy which implements the standards of Section 2.5 of this Manual. 3.4.1.13. A copy of the laboratory’s personnel policy which implements the standards of Section 2.6 of this Manual. 3.4.1.14. A copy of the laboratory’s recordkeeping policy which implements the standards of Section 2.15 of this Manual. 3.4.1.15. A copy of the laboratory facilities brochure. 3.4.1.16. A copy of the most recent annual report, the names of the current board of directors and the previous year’s board of directors, the names of any majority shareholders, and audited financial statements of the companies or entities that own and operate the laboratory. Laboratories not incorporated should provide comparable information. 3.4.2. Letter of Agreement. The applicant laboratory must submit a signed letter of agreement as a part of its application. This letter shall be signed by an official vested with the legal authority to speak for, contract on behalf of or otherwise bind the applicant laboratory (see Section 2.13). The purpose of this letter is to document that the applicant laboratory is aware of and agrees to abide by the requirements of the EAC Voting System Testing Laboratory Accreditation Program. No applicant laboratory will be considered for accreditation unless it has properly submitted a letter of agreement. The letter shall unequivocally state the following: The undersigned representative ofllll (hereinafter ‘‘Laboratory’’), being lawfully authorized to bind Laboratory and having read the EAC Voting System Test Laboratory Program Manual, accepts and agrees on behalf of Laboratory to follow the program PO 00000 Frm 00014 Fmt 4701 Sfmt 4703 requirements as laid out in Chapter 2 of the Manual. Laboratory shall meet all program requirements as they relate to NVLAP accreditation; conflict of interest and prohibited practices; personnel policies; notification of changes; resources; site visits, notice of law suits; testing, technical practices and reporting; laboratory independence; authority to do business in the United States; VSTL communications; financial stability; and recordkeeping. Laboratory further recognizes that meeting these program requirements is a continuing responsibility. Failure to meet each of the requirements may result in the denial of an application for accreditation, a suspension of accreditation or a revocation of accreditation. 3.4.3. Certification of Laboratory Conditions and Practices. The applicant laboratory must submit a signed Certification of Laboratory Conditions and Practices as a part of its application. No applicant laboratory will be considered for accreditation unless it has properly affirmed its conditions and practices through the certification document. A Certification of Laboratory Conditions and Practices form may be found at Attachment C and is available electronically at www.eac.gov. By signing the certification, a laboratory affirms that it, in fact, has in place the policies, procedures, practices, resources and personnel stated in the document. Any false representations made in the certification process may result in the revocation of accreditation and/or criminal prosecution. 3.5. EAC Review of Application Package. The EAC will perform a review of each Applicant Laboratory’s application package to ensure that it is complete and the laboratory meets the program requirements. Each package will be received and reviewed by the Testing and Certification Program Director to identify any apparent nonconformities or deficiencies. If necessary, the Program Director will notify Applicant Laboratories of any such nonconformities or deficiencies and provide them an opportunity to cure problems prior to forwarding the package to the Commissioners. The Program Director will issue a recommendation to the Commissioners when forwarding any application package. Consistent with HAVA, a laboratory will receive an accreditation only upon a vote of the Commissioners. 3.5.1. Program Director Review. Application packages shall be sent to the Program Director. The Program Director will perform a review of the packages before forwarding them to the Commissioners with a recommendation. E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices Upon receipt of an application package the Testing and Certification Program Director shall review the package to ensure: 3.5.1.1. The package is complete. No application may be forwarded to the Commission for a vote on accreditation unless is contains all required documentation (Section 3.4.1), a proper letter of agreement (Section 3.4.2), and a signed Certification of Laboratory Conditions and Practices (Section 3.4.3). 3.5.1.2. Evidence of compliance with program requirements. The Program Director shall also review the submissions to ensure that the information provided properly reflects and documents compliance with program requirements. 3.5.2. Notice of Nonconformity. In the event the Program Director identifies (1) missing documentation or information and/or (2) issues of non-compliance, the Program Director shall notify the Applicant Laboratory of the deficiencies prior to forwarding a recommendation to the Commissioners. The written notice of nonconformity shall: 3.5.2.1. Identify any missing documentation or information; 3.5.2.2. Identify any issues of potential non-compliance; and 3.5.2.3. Provide Applicant Laboratory a reasonable time period to submit additional information or amend their application package in response to identified non-conformities. 3.5.3. Applicant Laboratory Action on Notice of Nonconformity. Applicant Laboratories shall respond to a notice of nonconformity within the timeframe identified by the Program Director. Responses shall include any missing documents identified in the notice, as well as any additional or clarifying information or documentation responsive to an issue of noncompliance. 3.5.3.1. Request for Additional Time. Applicant Laboratories may request additional time in writing. Such request must state the basis for the request and identify a reasonable time period for response. The grant of additional time is at the sole discretion of the Program Director. 3.5.3.2. Failure to Respond—Missing Documentation or Information. If an Applicant Laboratory fails to provide required information or documentation within the timeframe provided in the notice of noncompliance, the Program Director shall reject the application as incomplete, returning the package to the applicant for resubmission consistent with the requirements of this Chapter. 3.5.3.3. Failure to Respond—Issue of Noncompliance. If, within the timeframe provided in the notice of VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 noncompliance, an Applicant Laboratory (who has provided all required documentation) fails to provide additional, clarifying information or documentation in response to an identified issue of program noncompliance, the Program Director shall forward the original application to the Chair of the Commission for action. 3.5.4. Recommendation to Commissioners. After review, and if necessary an opportunity for the applicant to amend their application, the Program Director shall forward each application to the Chair of the Commission with a recommendation as to disposition. This application package shall include all documents and correspondence between the applicant laboratory and the EAC Program Director. 3.5.5. Vote by Commissioners. Upon receipt of an application package and recommendation from the Testing and Certification Program Director, the Chair of the Commission shall forward the information to each EAC Commissioner. After a reasonable time to review the forwarded materials, the Chair of the Commission shall bring the matter to a vote, consistent with the rules of the Commission. The measure presented for a vote shall take the form of a written Commissioners’ Decision which (1) makes a clear determination as to accreditation and (2) states the basis for the determination. 3.6. Grant of Accreditation. Upon a vote of the EAC Commissioners to accredit a laboratory, the Testing and Certification Program Director shall inform the laboratory of the decision, Issue a Certificate of Accreditation and post information regarding the laboratory on the EAC Web site. 3.6.1. Certificate of Accreditation. A Certificate of Accreditation shall be issued to each laboratory accredited by vote of the Commissioners. The certificate shall be signed by the Chair of the Commission and state: 3.6.1.1. The name of the VSTL; 3.6.1.2. The scope of accreditation, by stating the Federal standard or standards to which the VSTL is competent to test; 3.6.1.3. The effective date of the certification, which shall not exceed a period of two (2) years; and 3.6.1.4. The technical standards to which the laboratory was accredited. 3.6.2. Post Information on Web Site. The Program Director shall make information pertaining to each accredited laboratory available to the public on EAC’s Web site. This information shall include (but is not limited to): PO 00000 Frm 00015 Fmt 4701 Sfmt 4703 50153 3.6.2.1. NIST’s Recommendation Letter; 3.6.2.2. The VSTL’s Letter of Agreement; 3.6.2.3. The VSTL’s Certification of Conditions and Practices; 3.6.2.4. The Commissioner’s Decision on Accreditation; and 3.6.2.5. The Certificate of Accreditation. 3.7. Effect of Accreditation. Receipt of an EAC Accreditation indicates that a laboratory has met the applicable technical, procedural, management and staffing requirements and may serve as a Voting System Test Laboratory (VSTL) under EAC’s Testing and Certification Program. 3.7.1. Scope of Accreditation. A laboratory shall operate within the limits of the scope of accreditation as stated on its Certificate of Accreditation. 3.7.2. Representation. No VSTL may make representations regarding its accreditation beyond its scope of accreditation. 3.7.3. No Endorsement. A Certificate of Accreditation is not an endorsement of the recipient laboratory. A VSTL may not state or imply EAC endorsement. 3.7.4. Accreditation Logo. A VSTL may display the EAC laboratory accreditation logo. Only the EAC authorized logo may be used. The display must be used in a manner consistent Sections 3.7.1.—3.7.3., above. Specifications for the reproduction and use of the EAC logo are found in Appendix D. 3.8. Expiration and Renewal of Accreditation. A grant of accreditation is valid for a period not to exceed two years. A VSTL’s accreditation expires on the date annotated on the Certificate of Accreditation. VSTLs in good standing shall renew their accreditation by submitting an application package to the Program Director, consistent with the procedures of Section 3.4 of this Chapter, no earlier than 60 days before the accreditation expiration date and no later than 30 days before that date. Laboratories that timely file the renewal application package shall retain their accreditation while the review and processing of their application is pending. 3.9. Denial of Accreditation. Upon a vote of the EAC Commissioners not to accredit a laboratory, the Testing and Certification Program Director shall inform the laboratory of the decision and post relevant information on the EAC Web site. 3.9.1. Notice of Denial. The Program Director shall inform the applicant laboratory (in writing) of the Commissioners’ Decision. This notice must include: E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 50154 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices 3.9.1.1. A statement of the decision and brief summary explanation of the basis for the decision; 3.9.1.2. Notice of the Applicant Laboratory’s right to appeal; and 3.9.1.3. A copy of the Commissioners’ Decision. 3.9.2. Post Information on Web Site. The Program Director shall publish on EAC Web site: 3.9.2.1. A copy of the Commissioners’ Decision, and 3.9.2.2. The Notice of Denial. 3.10. Requesting Appeal. An applicant laboratory that has been denied accreditation by a vote of the Commissioners shall have the right to appeal. An Applicant Laboratory may appeal a Denial of Accreditation by first issuing a written request for appeal. 3.10.1. Submission. Requests must be submitted in writing to the Program Director, addressed to the Chair of the U.S. Election Assistance Commission. 3.10.2. Timing of Appeal. The Applicant Laboratory may request an appeal within 7 calendar days of receipt of the Notice of Denial. Late requests will not be considered. 3.10.3. Contents of Request. The request must petition for reconsideration of the Commissioners’ Decision and clearly state the specific conclusions of the Decision the Applicant Laboratory wishes to appeal. 3.11. EAC Action on a Request for Appeal. The Program Director shall accept any request for appeal timely submitted. Untimely requests shall be rejected. Upon receipt of a request for appeal, the Program Director shall notify the requestor applicant laboratory, in writing, as to whether their appeal has been accepted as timely. The notice for accepted requests shall inform the applicant laboratory of the requirements for submitting their appeal per Section 3.12 of this Manual. 3.12. Submission of Appeal. After submission of a timely request for appeal, the Applicant Laboratory shall submit its appeal. This appeal shall (1) clearly identify the specific conclusions of the Commissioners’ Decision the Laboratory wishes to challenge, (2) provide the basis for its position on appeal and (3) submit a written argument in support of its appeal. In addition, the applicant laboratory may submit documentary or other relevant, physical evidence in support of the appeal. The Appeal and all supporting materials must be received by the EAC within 20 days of the applicant laboratory’s receipt of the Program Director’s notice of acceptance of the request to appeal. 3.13. Consideration of Appeal. All timely appeals will be considered by the VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 Commissioners. Upon receipt of an appeal, the Chair of the Commission shall forward to each EAC Commissioner the Applicant Laboratory’s appellate submission, along with the original application package, Commissioners’ Decision, and Program Director’s recommendation. After a reasonable time to review and consider the forwarded materials, the Chair of the Commission shall bring the matter to a vote, consistent with the rules of the Commission. The measure presented for a vote shall take the form of a written Commissioners’ Decision on Appeal. 3.14. Commissioner’s Decision on Appeal. The Commissioners shall make a written, final Decision on Appeal and shall provide it to the Applicant Laboratory. 3.14.1. Contents. The Decision on Appeal shall: 3.14.1.1. State the final determination of the Commission. 3.14.1.2. Address the matters raised by the Applicant Laboratory on appeal. 3.14.1.3. Provide the reasoning behind the decision. 3.14.1.4. State that the Decision on Appeal is final. 3.14.2. Determinations. The Commissioners shall make one of two determinations on appeal. 3.14.2.1. Grant of Appeal. If the Commissioners determine that the previous Decision of the Commission shall be overturned in full, the appeal shall be granted. In such cases, the Applicant Laboratory shall be granted accreditation. 3.14.2.2. Denial of Appeal. If the Commissioners determine that any part of the previous Decision of the Commission shall be upheld such that the procedural requirements of Chapter 3 or the Program requirements of Chapter 2 of this manual will not be met in full, the appeal shall be denied. In such cases, the application for appeal is finally denied. 3.14.3. Effect. All Decisions on Appeal shall be final and binding on the Applicant Laboratory. No additional request for appeal shall be granted. 3.15. Effect of Denial of Accreditation. An EAC denial of accreditation indicates only that an applicant laboratory has failed to document or otherwise demonstrate that it has the procedures, policies, management or personnel in place to meet the requirements of the Accreditation Program. A denial of accreditation is based upon current policy and procedure and is not an indicator of past performance. Laboratories denied accreditation have the right to cure any identified defect and reapply by PO 00000 Frm 00016 Fmt 4701 Sfmt 4703 resubmitting their application package consistent with Section 3.4 of this Chapter. 4. Compliance Management Program 4.1. Purpose. The purpose of the Compliance Management Program is to improve EAC’s Laboratory Accreditation Program and Testing; increase coordination, communication and understanding between the EAC and its VSTLs; and increase public confidence in elections by facilitating VSTL accountability. The program accomplishes this by increasing personal interaction between EAC staff and VSTL personnel, collecting information and performing reviews to ensure continued compliance with program requirements, and requiring that VSTLs promptly remedy any identified areas of noncompliance. 4.2. Compliance Management Program, Generally. The Compliance Management Program meets its purposes by gathering information on the procedures and practices of its VSTLs. There are three main sources of information: (1) VSTL Notifications of Changes, (2) EAC Requests for Documents or Information and (3) EAC On Site Reviews. The information collected is reviewed by the EAC to ensure that VSTLs are meeting all program requirements. Any areas of noncompliance or recommendations for improvement are presented to VSTLs in a Compliance Management Report. VSTLs are required to promptly remedy any noncompliance or face revocation of accreditation. 4.3. VSTL Notification of Changes. VSTLs are obligated to report any significant changes regarding the information, agreements or certifications made to the EAC as a condition of accreditation (see Section 2.7). This requirement serves as the primary means by which the EAC maintains VSTL compliance. Failure to report changes in conditions or practices may result in suspension or revocation of accreditation consistent with the requirements and procedures of Chapter 5. 4.4. Request for Documents and Information. The Program Director may request a VSTL to provide the EAC information and/or documents to demonstrate the laboratory’s continuing compliance with the Accreditation Program requirements noted in Chapter 2 (See Section 2.2). 4.4.1. EAC Request. A request for documents or information shall be made in writing by the Program Director and provide a reasonable timeframe for VSTL response. The request may be for documents, information or both: E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices 4.4.1.1. Request for Documents. A request for documents must identify the specific documents sought. A request for documents is not a demand for the VSTL to create a document, but to provide the EAC a copy of any existing documentation responsive to the request. 4.4.1.2. Request for Information. Requests for information shall take the form of interrogatories. Each inquiry shall take the form of a discrete question. VSTLs are expected to provide complete answers to each question. 4.4.2. VSTL Response. VSTLs shall respond within the timeframe provided by the Program Director. If additional time is needed, VSTLs may request an extension. Such requests must be made within the timeframe of the original request. The grant of additional time is at the sole discretion of the Program Director. 4.4.2.1. Request for Documents. VSTLs shall respond to requests for documents by having knowledgeable staff conduct a thorough search of VSTL records. VSTLs shall provide copies of all documents responsive to the request. If any document responsive to a request is considered privileged or otherwise protected from release under Federal law, it should be properly labeled. If no documents responsive to the request are found, the VSTL shall state that no records were found. 4.4.2.2. Request for Information. VSTLs shall respond to requests for information by having knowledgeable staff answer each question posed. VSTLs shall ensure that each question is answered completely and accurately. The VSTL may submit documents in support of its responses. 4.4.3. Failure to Respond. Failure to timely respond to a request for documents or information may result in a suspension or revocation of accreditation consistent with the requirements and procedures of Chapter 5. 4.5. On Site Laboratory Review— Generally. The Program Director shall provide for regular on site reviews of VSTLs. There are two types of on site review: 4.5.1. On Site Review—Policy, Procedures and Practices Review. The most common type of review is the Policy, Procedure and Practices Review. This type of review requires EAC personnel to enter a VSTL facility, examine a variety of documentation and meet with VSTL personnel to confirm that the VSTL’s policies, procedures and practices meet the requirements of the Laboratory Accreditation Program (Chapter 2). VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 4.5.2. On Site Review—Testing Observation and Technical Assessment. A Testing Observation and Technical Assessment Review requires an expert EAC laboratory assessor to enter a VSTL facility and assess the laboratory’s technical procedures, policies, management and personnel to verify compliance with applicable laboratory standards. Additionally, the EAC assessor may observe VSTL employees during the testing of voting systems to ensure that VSTL practices match technical policies.8 4.6. On Site Laboratory Review— Frequency. The Program Director shall ensure that each VSTL receives an On Site Policy, Procedures and Practices Review at least once every two years. 4.7. On Site Laboratory Review— Procedure. The Program Director shall determine when and what type of on site review will be conducted for each VSTL. Before any on site review, the Program Director shall provide the VSTL with reasonable notice. Reviews shall be conducted with as little impact as possible on the activities of the VSTL. The VSTL and its employees are required to participate in the review and cooperate with on site EAC personnel. Finally, the reviewer shall provide the VSTL a short exit briefing prior to the termination of the on site review. 4.7.1. Notice. The Program Director shall coordinate on site reviews with VSTL management. As reviews require the availability of laboratory documents and key personnel, a notice of on site review shall be in writing and be provided to the VSTL at least 15 calendar days before the on site review date. The notice shall provide the VSTL with the following information: 4.7.1.1. Duration of Review. The notice shall provide an estimated timeframe during which EAC reviewers will be on site. 4.7.1.2. Type of Review. The notice shall identify the type of review to be performed (see Section 4.5.). 4.7.1.3. Scope of Review. The notice shall provide information regarding the scope of review. This information shall be sufficient to allow the VSTL to identify the documents, personnel and testing it must make available to EAC reviewers. The notice shall specifically identify: 4.7.1.3.1. The type of documents and/ or program areas to be reviewed. 8 EAC’s authority to observe testing and conduct technical assessments serves only as an additional tool to ensure technical compliance. The primarily means by which EAC ensures technical compliance is through NIST’s NVLAP program. The NVLAP program monitors laboratories by requiring regular assessments. Laboratories are reviewed one year after their initial accreditation and biennially thereafter. PO 00000 Frm 00017 Fmt 4701 Sfmt 4703 50155 4.7.1.3.2. The testing that is to be observed. 4.7.1.4. VSTL’s Responsibilities. The notice shall briefly inform the VSTL of its responsibility to coordinate and cooperate with the EAC throughout the on site review process. 4.7.2. VSTL Response to Notice. Upon receipt of a notice of on site review, the VSTL shall coordinate the logistics of the review with the Program Director. In the event the noticed date or timeframe makes access to the required personnel, documents or testing untenable, the VSTL shall contact the Program Director in writing and identify, (1) The conflict or other problem which makes the proposed date and timeframe untenable, and (2) a proposed alternative date for the on site review. The acceptance of an alternative on site review date is at the sole discretion of the Program Director. 4.7.3. Review. An on site review begins upon the arrival of EAC personnel at the VSTL’s facility. EAC reviewers will ordinarily conduct reviews during the VSTL’s normal working hours. The reviewers will make every effort to work as efficiently as possible and avoid impacting the laboratory’s routine operations. The VSTL and its employees are required to cooperate with EAC reviewers. This cooperation includes providing a private, physical location for EAC personnel to review documents and speak with VSTL employees. Generally, the VSTL shall be responsible for ensuring: 4.7.3.1. Document Access and Availability. That the reviewers have access to all requested VSTL documents. All documents specifically identified in the notice of on site review shall be presented to reviewers upon arrival. 4.7.3.2. Personnel Access and Availability. That the reviewers have reasonable access to requested personnel. The VSTL shall ensure that key personnel for each substantive area identified in the notice of on site review be available to EAC reviewers during the noticed review period. 4.7.3.3. Facilities and Testing Access and Availability. That the reviewers have access to VSTL facilities involved in the testing of voting systems, including the facilities of third party contractor laboratories. Additionally, VSTLs must coordinate access to view testing consistent with the notice of on site review. 4.7.4. Exit Briefing. EAC reviewers shall provide the VSTL personnel an exit briefing. Exit briefings shall be informal. The briefing shall identify any documents, information or personnel which the VSTL remains responsible for E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 50156 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices making available to the reviewers; inform the VSTL of the next steps in the review process; and provide the VSTL an opportunity to ask questions about the process. 4.8. EAC Compliance Management Reports. The EAC shall issue a written Compliance Management Report after performing any on site review. A Compliance Management Report shall also be issued after a Request for Documents/Information or VSTL Notification of Change when either indicates a noncompliance with program requirements. All reports shall be posted on the EAC Web site and (1) provide a brief summary of the review process, request for information or VSTL Notification of Change (2) state any findings resulting from the review, and (3) identify any corrective action required. 4.8.1. Purpose. The purpose of the report is to provide the VSTL with EAC’s findings regarding its program so that: 4.8.1.1. Items of noncompliance may be identified and rectified, 4.8.1.2. Exceptional practices may be identified and encouraged, and 4.8.1.3. EAC recommendations (beyond the program requirements) may be put forth in an effort to improve the VSTL’s program. 4.8.2. Summary of Process. The report shall provide a brief summary of the review process, request for information or VSTL Notification of Change. The purpose of this summary is to provide background information regarding how the information supporting EAC findings was collected. This includes identifying sources of information, methodology and standards. For the purposes of on site reviews, the summary shall state: 4.8.2.1. The dates of the review, 4.8.2.2. The type of review performed, 4.8.2.3. The program areas reviewed, including any specific documents and personnel discussions which were integral to the report findings, and 4.8.2.4. The processes used by the reviewers to determine compliance. 4.8.3. Findings. The report shall outline any findings of the review, request for information or VSTL Notification of Change. A finding is any factual determination that the VSTL is not in compliance with the program requirements identified in Chapter 2 of this Manual or an EAC recommendation for program improvement which does not rise to the level of noncompliance. While reports may also contain recognition of exceptional practices, such statements are not considered findings. Reports shall identify three types of findings: VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 4.8.3.1. Critical. A critical finding is a determination that the VSTL has not met a requirement of the program that is fundamentally critical to the VSTL’s technical capability to test voting systems. A critical noncompliance is a violation of program requirements that by its very nature comprises the integrity of the EAC Testing and Certification Program. 4.8.3.2. Required. A required finding is a determination that the VSTL has failed to meet a requirement of the program that is not considered technically critical pursuant to Section 4.8.3.1., above. 4.8.3.3. Recommended. A recommended finding is a determination that VSTL practices could be improved, but that the identified improvement is not required by the program. In some cases, recommended practices may be practices the EAC plans to make program requirements. 4.8.4. Corrective Action. The report shall specify the action to be taken by the EAC and/or VSTL based upon the review findings. 4.9. Corrective Action. Based upon the Compliance Management Report, corrective action may be required. EAC action and VSTL responsibilities will vary depending upon the nature of the report’s findings. 4.9.1. Critical. Critical Findings require the EAC to initiate the immediate suspension of the VSTL consistent with the requirements and procedures of Chapter 5, Revocation of Accreditation. The VSTL’s rights to remedy its noncompliance or be heard are laid out in Chapter 5. 4.9.2. Required. Required Findings obligate the VSTL to resolve the identified non-compliance within 20 days. Failure to do so within the 20 day timeframe will result in suspension or revocation of accreditation consistent with the procedures laid out in Chapter 5, Revocation of Accreditation. The VSTL may resolve a Required Finding by: 4.9.2.1. Challenging the Finding. The VSTL may challenge a finding if it believes its procedures and practices were in compliance with program requirements at the time of the review. A VSTL shall challenge a Required Finding by providing factual information which documents its claim of compliance. Challenges must be filed within 5 days of receipt of the EAC Report. The challenge must be in writing, state the basis for the challenge, address the facts and conclusions in the EAC report, and provide information which unambiguously documents that the VSTL was in compliance at the time PO 00000 Frm 00018 Fmt 4701 Sfmt 4703 of the review, request for information or VSTL Notification of Change. The EAC Program Director will accept or reject a VSTL’s challenge in writing. If a challenge is accepted, no corrective action will be required. If the challenge is rejected, the VSTL will have 20 days from receipt of the notice of rejection to perform remedial action. 4.9.2.2. Conducting Remedial Action. VSTLs may take corrective action by submitting a remedial plan within 20 days of receipt of the report. The remedial plan shall (for each finding of noncompliance) identify the noncompliance, outline the steps to be taken to achieve compliance, state the timeframe for each step and identify the means and final date by which the VSTL will document compliance. A remedial plan is subject to approval from the Program Director. A VSTL’s failure to obtain approval of a remedial plan or unauthorized deviation from an approved plan’s requirements or deadlines will result in suspension or revocation of accreditation consistent with the procedures laid out in Chapter 5, Revocation of Accreditation. 4.9.3. Recommended. Recommended findings do not require VSTL action. The proposed remedial actions for recommended findings are not program requirements, but EAC suggested practices. 5. Revocation of Accreditation 5.1. Overview. This chapter puts forth the process for revoking the accreditation of an EAC VSTL. The process for revocation begins with factual findings made pursuant to the Compliance Management Program (Chapter 4). Prior to any revocation of accreditation, VSTLs which fail to comply with program requirements are provided notice of (1) EAC’s intent to suspend, (2) suspension and (3) an opportunity to be heard or cure noncompliance. A laboratory that has its accreditation revoked has the right to appeal. 5.2. Revocation Policy. EAC Accreditation is subject to revocation. The EAC shall revoke an accreditation upon a factual finding that a VSTL has failed to meet a requirement of the Accreditation Program and is unable or unwilling to timely and properly remedy the non-compliance. 5.3. Revocation—Generally. The EAC monitors its VSTLs through its Compliance Management Program (Chapter 4). This program monitors compliance through (1) the VSTL’s continuing obligation to provide EAC Notifications of Changes, (2) EAC’s authority to issue Requests for Documents or Information and (3) the performance of On Site Reviews. E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices Determinations that a VSTL is not complying with program requirements shall be made in Compliance Management Reports (findings of noncompliance). The process outlined in this chapter to suspend and revoke a VSTL’s accreditation shall be initiated (1) immediately for Critical Findings of noncompliance and (2) after an opportunity to remedy the noncompliance for Required Findings (consistent with the process mandated by Section 4.9). Revocation of Accreditation is a three-step process. 5.3.1. Notice of Intent to Suspend; 5.3.2. Suspension of Accreditation; and 5.3.3. Commissioners’ Decision on Revocation of Accreditation. 5.4. Notice of Intent to Suspend. The revocation process shall be initiated by issuing a Notice of Intent to Suspend to a non-compliant VSTL. Such notices shall be issued by the Program Director. VSTLs shall have three days to submit a response to the notice. The EAC will issue a decision on suspension after consideration of the VSTL’s submission. 5.4.1. Written Notice. The Notice of Intent to Suspend shall be in writing and: 5.4.1.1. Inform the VSTL of the EAC’s intent to suspend the laboratory; 5.4.1.2. Identify the program requirement or requirements with which the VSTL has failed to comply; 5.4.1.3. State the factual finding or findings that serve as the basis of the action; 5.4.1.4. Provide a copy of the relevant Compliance Management Report; and 5.4.1.5. Inform the VSTL of its right to file a response to the notice. 5.4.2. VSTL Response. The VSTL may respond to the notice of intent to suspend. Responses must be received by the EAC Program Director within three days of the VSTLs receipt of the Notice of Intent to Suspend to be eligible for consideration. The VSTL response: 5.4.2.1. Must be in writing; 5.4.2.2. Must be timely submitted to be considered; 5.4.2.3. Must challenge the factual finding or findings that serve as the basis of the suspension; 5.4.2.4. May include relevant documentation in support of its challenge. 5.4.3. EAC Consideration of Response. The EAC shall consider the timely submission of a VSTL before issuing a Decision of Suspension. The EAC may consult experts, perform research and request additional information from the VSTL during the consideration process. 5.4.4. EAC Decision on Suspension. The EAC shall issue a Decision on Suspension. The decision shall be made VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 in writing by the Program Director. A decision shall state (1) the decision of the Program Director, (2) the basis for and reasoning behind the decision and (3) the VSTL’s obligations and rights during suspension (if applicable). A Decision on Suspension shall be provided to the VSTL, issued to all registered Manufacturers and posted on EAC’s Web site. The Program Director may make one of two determinations in a Decision on Suspension: 5.4.4.1. Program Compliance. Based upon the EAC’s consideration of a VSTL’s response to the notice of intent to suspend, the Program Director may overturn the factual findings that served as the basis of the notice. In such cases, the Program Director shall determine that the VSTL is in compliance with all program requirements. A decision that the VSTL is in compliance shall end the revocation process. 5.4.4.2. Suspension. The Program Director shall suspend the VSTL consistent with the notice of intent to suspend when the preponderance of the evidence indicates noncompliance with program requirements. Suspension is effective as of the VSTL’s receipt of the decision. 5.5. Suspension of Accreditation. Suspension is the second step in the revocation process. The purpose of Suspension is (1) to provide the suspended VSTL an opportunity to timely cure the noncompliance which served as the basis of Suspension or (2) grant the suspended VSTL an opportunity to be heard prior to revocation of accreditation. A suspended VSTL shall have 20 days to either cure its noncompliance or request an opportunity to be heard. If no action is taken by the suspended VSTL within the 20 days, the EAC Commissioners shall make a decision on revocation. 5.5.1. Effect of Suspension. A suspended VSTL shall immediately cease all testing of voting systems under the EAC’s Certification Program. Any testing performed by a suspended VSTL during its suspension will not be accepted by the EAC under its Voting System Certification Program. Any period of suspension must be clearly documented in a VSTL’s test report (see Chapter 4 of the EAC Voting System Testing and Certification Manual). Testing under the EAC Certification Program shall not resume unless the suspension is lifted or the VSTL is otherwise authorized by the EAC (in writing) to recommence testing. 5.5.2. Opportunity to Cure. A suspended VSTL may request the opportunity to cure its noncompliance within 20 days of its receipt of the Program Director’s Decision on PO 00000 Frm 00019 Fmt 4701 Sfmt 4703 50157 Suspension. The request must include a detailed remedial plan. If this plan is accepted, properly executed and verified, the VSTL’s suspension will be lifted and it may resume testing. 5.5.2.1. Remedial Plan. A request to cure noncompliance must include a plan by which the VSTL outlines how it will timely bring its laboratory into full compliance with the program. The remedial plan shall: 5.5.2.1.1. Identify each noncompliance which served as the basis of its suspension; 5.5.2.1.2. For each identified noncompliance, outline the steps to be taken to achieve compliance. This includes identifying the resources and personnel needed for each step; 5.5.2.1.3. Provide a timeframe for the completion of each identified step and state the final date by which the VSTL will complete the compliance plan; 5.5.2.1.4. Provide a schedule of periodic progress reports to the Program Director; and 5.5.2.1.5. Require the VSTL to provide the EAC a written certification attesting to its completion of the remedial plan and full compliance with program requirements at close of the process. 5.5.2.2. EAC Action on Plan. A remedial plan is subject to approval by the Program Director. The Program Director will work with the suspended VSTL to develop and approve a Remedial Plan that appropriately brings the laboratory into compliance within an acceptable timeframe. Remedial Plans shall be approved in writing. Ultimately, a VSTL’s failure to cooperate or otherwise obtain approval of a remedial plan will result in the termination of the cure process. A determination to terminate the cure process will be made in writing by the Program Director. Upon receipt of a notice that the cure process has been terminated, a suspended VSTL shall have 10 days to request an opportunity to be heard on revocation of accreditation (see Section 5.5.3., below). 5.5.2.3. VSTL Implementation of Plan. After the remedial plan has been approved by the Program Director, the VSTL shall begin implementation. The VSTL shall not deviate from an approved plan’s procedures, requirements or deadlines without the written consent of the Program Director. Failure to follow the remedial plan will result in the termination of the cure process. A determination to terminate the cure process will be made in writing by the Program Director. Upon receipt of a notice that the cure process has been terminated, a suspended VSTL shall have 10 days to request an opportunity E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 50158 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices to be heard on revocation of accreditation (see Section 5.5.3., below). 5.5.2.4. EAC Verification of Remedy. Upon a VSTL’s timely completion of the remedial plan and receipt of the VSTL’s Certification (see Section 5.5.2.1.5.), the Program Director shall verify compliance. At the discretion of the Program Director, he or she may verify compliance through the acceptance of the VSTL’s Certification or through the various components of the Compliance Management Program (Chapter 4). If the Program Director determines that the remedial plan was not completed, he or she may terminate the cure process. A determination to terminate the cure process will be made in writing. Upon receipt of a notice that the cure process has been terminated, a suspended VSTL shall have 10 days to request an opportunity to be heard on revocation of accreditation (see Section 5.5.3., below). 5.5.2.5. Notice of Compliance. The Program Director shall document his or her verification that the remedial plan was complete by providing a written notice of compliance to the VSTL. This notice shall state that the VSTL is in compliance with program requirements and that the suspension is lifted. The notice shall be posted on the EAC’s Web site and provided to all registered Manufacturers. 5.5.3. Opportunity to be Heard on Revocation of Accreditation. A VSTL has the right to timely challenge the revocation of its accreditation prior to an EAC Decision on Revocation. Unless otherwise noted above, a VSTL has 20 days from the date it received its Decision on Suspension to submit a challenge. Late submissions will not be considered. All challenges of revocation will be heard by the EAC Commissioners. A challenge of revocation shall be submitted to the Program Director, and addressed to the Chair of the U.S. Election Assistance Commission. Each challenge of revocation shall be in writing and: 5.5.3.1. Shall identify each noncompliance which served as the basis of its suspension; 5.5.3.2. Shall identify, document and provide verification of any remedial action completed; 5.5.3.3. Shall provide, for each identified noncompliance, a written argument challenging the finding of noncompliance; and 5.5.3.4. May provide any documentation and information in support of the written statement. 5.6. Commissioners’ Decision on Revocation of Accreditation. Pursuant to HAVA, a VSTL may have its accreditation revoked only by a vote of the EAC Commissioners. Upon a timely VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 receipt of a challenge of revocation, the program Director shall provide each Commissioner all relevant documentation including: (1) The VSTL’s submission challenging revocation, (2) copies of any terminated cure plans, (3) the Notice of Intent to Suspend, (4) the Compliance Management Report; (5) any documents pertaining to challenges or remedial plans provided by the VSTL in response to a relevant Compliance Management report; and (6) a Program Director recommendation as to disposition. 5.6.1. Consideration. Each Commissioner shall review and consider all relevant materials he or she has been provided. A Commissioner may request the Program Director to provide additional relevant materials or information held by the EAC or VSTL. Such requests and any responsive materials shall be provided to each Commissioner. The Chair of the Commission shall ensure that each Commissioner has sufficient time to consider the relevant material before a vote is called. 5.6.2. Process. After a reasonable time to review the forwarded materials, the Chair of the Commission shall bring the Decision of Revocation of Accreditation to a vote, consistent with the rules of the Commission. The measure presented for a vote shall take the form of a written Commissioners’ Decision on Revocation, which: 5.6.2.1. Makes a clear determination as to revocation on accreditation. The Commissioners shall ultimately make one of two decisions: 5.6.2.1.1. Program Compliance. If the VSTL demonstrates that it meets all program requirements, successfully challenging all previous findings of noncompliance, the Commissioners shall find the VSTL compliant, reject the revocation of accreditation and lift the VSTL’s suspension. 5.6.2.1.2. Revocation of Accreditation. If the VSTL does not demonstrate that it meets all program requirements and at least one previous finding of noncompliance stands, the Commissioners shall find the VSTL noncompliant and revoke its accreditation. 5.6.2.2. Provides a finding with regard to each identified noncompliance which served as the basis of suspension; and 5.6.2.3. Identifies the documents and information that served as the basis for the Decision. 5.6.3. Decision-Notice. After a vote of the Commissioners adopting a Decision on Revocation, the Program Director shall forward the decision to the VSTL. At that time the Program Director shall provide the VSTL notice of decision PO 00000 Frm 00020 Fmt 4701 Sfmt 4703 which includes a summary of the laboratory’s appeal rights consistent with Section 5.8., below. 5.6.4. Decision-Publication. After a vote of the Commissioners adopting a Decision on Revocation, the Program Director shall cause the decision to be posted on the EAC’s Web site, issue a copy to each registered voting system Manufacturer and provide the decision to the Director of NIST. 5.7. Effect of Revocation of Accreditation. A revocation of accreditation is effective upon the vote of the Commissioners. Laboratories that have had their accreditation revoked may no longer test voting systems or submit test reports under the EAC certification program. The laboratories may not represent themselves as accredited by EAC. A laboratory which has had its accreditation revoked may reapply for an EAC accreditation consistent with the requirements of Chapter 2, only after the EAC receives a new recommendation for their participation from NIST. Where a revocation of accreditation results in the termination of testing prior to completion, the laboratory which has had its accreditation revoked must provide information to the EAC consistent with 2.10.7. of this manual. Manufacturers may request the EAC grant permission to replace their lead VSTL pursuant to Section 4.3.1.2. of the Voting System Testing and Certification Program Manual. 5.8. Requesting Appeal. A laboratory that has had its accreditation revoked by a vote of the Commissioners shall have the right to appeal. A Laboratory may appeal a Decision to Revoke an Accreditation by first issuing a written request for appeal. 5.8.1. Submission. Requests must be submitted in writing to the Program Director, addressed to the Chair of the U.S. Election Assistance Commission. 5.8.2. Timing of Appeal. The laboratory may request an appeal within 7 calendar days of receipt of the Notice of Decision. Late requests will not be considered. 5.8.3. Contents of Request. The request must petition for reconsideration of the Commissioners’ Decision on Revocation and clearly state the specific conclusions of the Decision the laboratory wishes to appeal. 5.9. EAC Action on a Request for Appeal. The Program Director shall accept any request for appeal timely submitted. Untimely requests shall be rejected. Upon receipt of a request for appeal, the Program Director shall notify the requestor laboratory, in writing, as to whether their appeal has been accepted as timely. The notice for E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices accepted requests shall inform the applicant laboratory of the requirements for submitting their appeal per Section 5.10. of this Manual. 5.10. Submission of Appeal. After submission of a timely request for appeal, the Laboratory shall submit its appeal. This appeal shall (1) clearly identify the specific conclusions of the Commissioners’ Decision the laboratory wishes to challenge, (2) provide the basis for its position on appeal and (3) submit a written argument in support of its appeal. In addition, the applicant laboratory may submit documentary or other relevant, physical evidence in support of the appeal. The Appeal and all supporting materials must be received by the EAC within 20 days of the applicant laboratory’s receipt of the Program Director’s notice of acceptance of the request to appeal. 5.11. Consideration of Appeal. All timely appeals will be considered by the Commissioners. Upon receipt of an appeal, the Chair of the Commission shall forward to each EAC Commissioner the laboratory’s appellate submission, along with the original information considered during the Commissioners’ Decision on Revocation (see Section 5.6.). After a reasonable time to review and consider the forwarded materials, the Chair of the Commission shall bring the matter to a vote, consistent with the rules of the Commission. The measure presented for a vote shall take the form of a written Commissioners’ Decision on Appeal. 5.12. Commissioners’ Decision on Appeal. The Commissioners shall make a written, final Decision on Appeal and shall provide it to the laboratory. 5.12.1. Contents. The Decision on Appeal shall: 5.12.1.1. State the final determination of the Commission. 5.12.1.2. Address the matters raised by the laboratory on appeal. 5.12.1.3. Provide the reasoning behind the decision. 5.12.1.4. State that the Decision on Appeal is final. 5.12.2. Determinations. The Commissioners shall make one of two determinations on appeal. 5.12.2.1. Grant of Appeal. If the Commissioners determine that the previous Decision of the Commission shall be overturned in full, and the laboratory meets all program requirements, the appeal shall be granted. In such cases, the laboratory shall have its accreditation immediately reinstated. 5.12.2.2. Denial of Appeal. If the Commissioners determine that any part of the previous Decision of the Commission shall be upheld such that VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 the procedural requirements of Chapter 3 or the Program requirements of Chapter 2 of this manual will not be met in full, the appeal shall be denied. In such cases, the application for appeal is finally denied. 5.12.3. Effect. All Decisions on Appeal shall be final and binding on the Applicant Laboratory. No additional request for appeal shall be granted. 5.12.4. Notice. After a vote of the Commissioners adopting a Decision on Appeal, the Program Director shall forward the decision to the VSTL. 5.12.5. Publication. After a vote of the Commissioners adopting a Decision on Appeal, the Program Director shall cause the decision to be posted on the EAC Web site, issue a copy to each registered voting system Manufacturer and provide the decision to the Director of NIST. 6. Requests for Interpretations 6.1. Overview. A Request for Interpretation is a means by which a registered Manufacturer or VSTL may seek clarification on a specific EAC voting system standard (VVSG or VSS). An Interpretation is a clarification of the voting system standards and guidance on how to properly evaluate conformance to it. Suggestions or requests for modifications to the standards are provided by other processes. This chapter outlines the policy, requirements, and procedures for submitting a Request for Interpretation. 6.2. Policy. Registered Manufacturers or VSTLs may request that the EAC provide a definitive Interpretation of EAC-accepted voting system standards (VVSG or VSS) when, in the course of developing or testing a voting system, facts arise that make the meaning of a particular standard ambiguous or unclear. The EAC may self-initiate such a request when its agents identify a need for interpretation within the program. An Interpretation issued by the EAC will serve to clarify what a given standard requires and how to properly evaluate compliance. An Interpretation does not amend voting system standards, but serves only to clarify existing standards. 6.3. Requirements for Submitting a Request for Interpretation. An EAC Interpretation is limited in scope. The purpose of the Interpretation process is to provide Manufacturers or VSTLs who are in the process of developing or testing a voting system a means for resolving the meaning of a voting system standard in light of specific voting system technology without having to present a finished product to EAC for certification. To submit a PO 00000 Frm 00021 Fmt 4701 Sfmt 4703 50159 Request for Interpretation, one must (1) be a proper requester, (2) request interpretation of an applicable voting system standard, (3) present an actual controversy, and (4) seek clarification on a matter of unsettled ambiguity. 6.3.1. Proper Requestor. A Request for Interpretation may be submitted only by a registered Manufacturer or a VSTL. Requests for Interpretation will not be accepted from any other parties. 6.3.2. Applicable Standard. A Request for Interpretation is limited to queries on EAC voting system standards (i.e., VVSG or VSS). Moreover, a Manufacturer or VSTL may submit a Request for Interpretation only on a version of EAC voting system standards to which the EAC currently offers certification. 6.3.3. Existing Factual Controversy. To submit a Request for Interpretation, a Manufacturer or VSTL must present a question relative to a specific voting system or technology proposed for use in a voting system. A Request for Interpretation on hypothetical issues will not be addressed by the EAC. To submit a Request for Interpretation, the need for clarification must have arisen from the development or testing of a voting system. A factual controversy exists when an attempt to apply a specific section of the VVSG or VSS to a specific system or piece of technology creates ambiguity. 6.3.4. Unsettled, Ambiguous Matter. Requests for Interpretation must involve actual controversies that have not been previously settled. This requirement mandates that interpretations contain actual ambiguities not previously clarified. 6.3.4.1. Actual Ambiguity. A proper Request for Interpretation must contain an actual ambiguity. The interpretation process is not a means for challenging a clear EAC voting system standard. Recommended changes to voting system standards are welcome and may be forwarded to the EAC, but they are not part of this program. An ambiguity arises (in applying a voting system standard to a specific technology) when one of the following occurs: 6.3.4.1.1. The language of the standard is unclear on its face; 6.3.4.1.2. One section of the standard seems to contradict another, relevant section; 6.3.4.1.3. The language of the standard, though clear on its face, lacks sufficient detail or breadth to determine its proper application to a particular technology; 6.3.4.1.4. The language of a particular standard, when applied to a specific technology, clearly conflicts with the E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 50160 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices established purpose or intent of the standard; or 6.3.4.1.5. The language of the standard is clear, but the proper means to assess compliance is unclear. 6.3.4.2. Not Previously Clarified. The EAC will not accept a Request for Interpretation when the issue has previously been clarified. 6.4. Procedure for Submitting a Request for Interpretation. A Request for Interpretation shall be made in writing to the Program Director. All requests should be complete and as detailed as possible because Interpretations issued by the EAC are based on, and limited to, the facts presented. Failure to provide complete information may result in an Interpretation that is off point and immaterial to the issue at hand. The following steps must be taken when writing a Request for Interpretation: 6.4.1. Establish Standing To Make the Request. To make a request, one must meet the requirements identified in Section 6.3. above. Thus, the written request must provide sufficient information for the Program Director to conclude that the requestor is (1) a proper requester, (2) requesting an Interpretation of an applicable voting system standard, (3) presenting an actual factual controversy, and (4) seeking clarification on a matter of unsettled ambiguity. 6.4.2. Identify the EAC Voting System Standard To Be Clarified. The request must identify the specific standard or standards for which the requestor seeks clarification. The request must state the version of the voting system standards at issue (if applicable) and quote and correctly cite the applicable standards. 6.4.3. State the Facts Giving Rise to the Ambiguity. The request must provide the facts associated with the voting system technology that gave rise to the ambiguity in the identified standard. The requestor must be careful to provide all necessary information in a clear, concise manner. Any Interpretation issued by the EAC will be based on the facts provided. 6.4.4. Identify the Ambiguity. The request must identify the ambiguity it seeks to resolve. The ambiguity shall be identified by stating a concise question that meets the following requirements: 6.4.4.1. Shall be clearly stated; 6.4.4.2. Shall be related to and reference the voting system standard and voting system technology information provided; and 6.4.4.3. Shall be limited to a single issue. Each question or issue arising from an ambiguous standard must be stated separately. Compound questions are unacceptable. If multiple issues VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 exist, they should be presented as individual, numbered questions. 6.4.4.4. Shall be stated in a way that can ultimately be answered yes or no. 6.4.5. Provide a Proposed Interpretation. A Request for Interpretation should propose an answer to the question posed. The answer should interpret the voting system standard in the context of the facts presented. It should also provide the basis and reasoning behind the proposal. 6.5. EAC Action on a Request for Interpretation. Upon receipt of a Request for Interpretation, the EAC shall take the following action: 6.5.1. Review the Request. The Program Director shall review the request to ensure it is complete, is clear, and meets the requirements of Section 6.3. Upon review, the Program Director may take the following action: 6.5.1.1. Request Clarification. If the Request for Interpretation is incomplete or additional information is otherwise required, the Program Director may request that the Manufacturer or VSTL clarify its Request for Interpretation and identify any additional information required. 6.5.1.2. Reject the Request for Interpretation. If the Request for Interpretation does not meet the requirements of Section 6.3., the Program Director may reject it. Such rejection must be provided in writing to the Manufacturer or VSTL and must state the basis for the rejection. 6.5.1.3. Notify Acceptance of the Request. If the Request for Interpretation is acceptable, the Program Director will notify the Manufacturer or VSTL in writing and provide it with an estimated date of completion. A Request for Interpretation may be accepted in whole or in part. A notice of acceptance shall state the issues accepted for interpretation. 6.5.2. Consideration of the Request. After a Request for Interpretation has been accepted, the matter shall be investigated and researched. Such action may require the EAC to employ technical experts. It may also require the EAC to request additional information from the Manufacturer or VSTL. The Manufacturer or VSTL shall respond promptly to such requests. 6.5.3. Interpretation. The Decision Authority shall be responsible for making determinations on a Request for Interpretation. After this determination has been made, a written Interpretation shall be sent to the Manufacturer or VSTL. The following actions are necessary to prepare this written Interpretation: PO 00000 Frm 00022 Fmt 4701 Sfmt 4703 6.5.3.1. State the question or questions investigated; 6.5.3.2. Outline the relevant facts that served as the basis of the Interpretation; 6.5.3.3. Identify the voting system standards interpreted; 6.5.3.4. State the conclusion reached; and 6.5.3.5. Inform the Manufacturer or VSTL of the effect of an Interpretation (see Section 6.6.). 6.6. Effect of Interpretation. Interpretations are fact specific and case specific. They are not tools of policy, but specific, fact-based guidance useful for resolving a particular problem. An Interpretation is determinative and conclusive only with regard to the case presented. Nevertheless, Interpretations do have some value as precedent. Interpretations published by the EAC shall serve as reliable guidance and authority over identical or similar questions of interpretation. These Interpretations will help users understand and apply the provisions of EAC voting system standards. 6.7. Library of Interpretations. To better serve Manufacturers, VSTLs, and those interested in the EAC voting system standards, the Program Director shall publish EAC Interpretations. All proprietary information contained in an Interpretation will be redacted before publication consistent with Chapter 7 of this Manual. The library of published opinions is posted on the EAC Web site: www.eac.gov. 7. Release of Laboratory Accreditation Program Information 7.1. Overview. VSTLs participating in the Certification Program will be required to provide the EAC a variety of documents. In general, these documents will be releasable to the public. Moreover, in many cases, the information provided will be affirmatively published by the EAC. In limited cases, however, documents may not be released if they include trade secrets, confidential commercial information, or personal information. While the EAC is ultimately responsible for determining which documents Federal law protects from release, VSTLs must identify the information they believe is protected and provide substantiation and a legal basis for withholding. This chapter discusses EAC’s general policy on the release of information and provides VSTL’s with standards, procedures, and requirements for identifying documents as trade secrets or confidential commercial information. 7.2. EAC Policy on the Release of Certification Program Information. The EAC seeks to make its Voting System E:\FR\FM\25AUN2.SGM 25AUN2 jlentini on PROD1PC65 with NOTICES2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices Test Laboratory Program as transparent as possible. The agency believes that such action benefits the program by increasing public confidence in the process and creating a more informed and involved public. As such, it is the policy of the EAC to make all documents, or severable portions thereof, available to the public consistent with Federal law (e.g., Freedom of Information Act (FOIA) and the Trade Secrets Act). 7.2.1. Requests for information. As in any Federal program, members of the public may request access to Certification Program documents under FOIA (5 U.S.C. § 552). The EAC will promptly process such requests per the requirements of that Act. 7.2.2. Publication of documents. Beyond the requirements of FOIA, the EAC intends to affirmatively publish program documents (or portions of documents) it believes will be of interest to the public. This publication will be accomplished through the use of the EAC Web site (www.eac.gov). The published documents will cover the full spectrum of the program, including information pertaining to: 7.2.2.1. Accredited Laboratories; 7.2.2.2. VSTL test plans; 7.2.2.3. VSTL test reports; 7.2.2.4. Agency decisions; 7.2.2.5. Denials of Certification; 7.2.2.6. Issuance of Certifications; 7.2.2.7. Compliance Management Reports; 7.2.2.8. Suspensions or Revocation of Accreditations; 7.2.2.9. Appeals; 7.2.2.10. Official Interpretations (VVSG or VSS); and 7.2.2.11. Other topics as determined by the EAC. 7.2.3. Trade Secret and Confidential Commercial Information. Federal law places a number of restrictions on a Federal agency’s authority to release information to the public. Two such restrictions are particularly relevant to the Accreditation Program: (1) Trade secrets information and (2) privileged or confidential commercial information. Both types of information are explicitly prohibited from release by the FOIA and the Trade Secrets Act (18 U.S.C. § 1905). 7.3. Trade Secrets. A trade secret is a secret, commercially valuable plan, process, or device that is used for the making or processing of a product and that is the end result of either innovation or substantial effort. It relates to the productive process itself, describing how a product is made. It does not relate to information describing end product capabilities, features, or performance. VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 7.3.1. The following examples illustrate productive processes that may be trade secrets: 7.3.1.1. Plans, schematics, and other drawings useful in production. 7.3.1.2. Specifications of materials used in production. 7.3.1.3. Voting system source code used to develop or manufacture software where release would reveal actual programming. 7.3.1.4. Technical descriptions of manufacturing processes and other secret information relating directly to the production process. 7.3.2. The following examples are likely not trade secrets: 7.3.2.1. Information pertaining to a finished product’s capabilities or features. 7.3.2.2. Information pertaining to a finished product’s performance. 7.3.2.3. Information regarding product components that would not reveal any commercially valuable information regarding production. 7.4. Privileged or Confidential Commercial Information. Privileged or confidential commercial information is that information submitted by a VSTL that is commercial or financial in nature and privileged or confidential. 7.4.1. Commercial or Financial Information. The terms commercial and financial should be given their ordinary meanings. They include records in which a submitting VSTL has any commercial interest. 7.4.2. Privileged or Confidential Information. Commercial or financial information is privileged or confidential if its disclosure would likely cause substantial harm to the competitive position of the submitter. The concept of harm to one’s competitive position focuses on harm flowing from a competitor’s affirmative use of the proprietary information. It does not include incidental harm associated with upset customers or employees. 7.5. EAC’s Responsibilities. The EAC is ultimately responsible for determining whether or not a document (in whole or in part) may be released pursuant to Federal law. In doing so, however, the EAC will require information and input from the VSTL submitting the documents. This requirement is essential for the EAC to identify, track, and make determinations on the large volume of documentation it receives. The EAC has the following responsibilities: 7.5.1. Managing Documentation and Information. The EAC will control the documentation it receives by ensuring that documents are secure and released to third parties only after the appropriate review and determination. PO 00000 Frm 00023 Fmt 4701 Sfmt 4703 50161 7.5.2. Contacting a VSTL on Proposed Release of Potentially Protected Documents. In the event a member of the public submits a FOIA request for documents provided by a VSTL or the EAC otherwise proposes the release of such documents, the EAC will take the following actions: 7.5.2.1. Review the documents to determine if they are potentially protected from release as trade secrets or confidential commercial information. The documents at issue may have been previously identified as protected by the VSTL when submitted (see Section 7.6.1. below) or identified by the EAC on review. 7.5.2.2. Grant the submitting VSTL an opportunity to provide input. In the event the information has been identified as potentially protected from release as a trade secret or confidential commercial information, the EAC will notify the submitter and allow it an opportunity to submit its position on the issue prior to release of the information. The submitter shall respond consistent with Section 7.6.1. below. 7.5.3. Final Determination on Release. After providing the submitter of the information an opportunity to be heard, the EAC will make a final decision on release. The EAC will inform the submitter of this decision. 7.6. VSTL’s Responsibilities. Although the EAC is ultimately responsible for determining if a document, or any portion thereof, is protected from release as a trade secret or confidential commercial information, the VSTL shall be responsible for identifying documents, or portions of documents, it believes warrant such protection. Moreover, the VSTL will be responsible for providing the legal basis and substantiation for its determination regarding the withholding of a document. This responsibility arises in two situations: (1) Upon the initial submission of information and (2) upon notification by the EAC that it is considering the release of potentially protected information. 7.6.1. Initial Submission of Information. When a VSTL is submitting documents to the EAC as required by the Accreditation or Certification Programs, it is responsible for identifying any document or portion of a document that it believes is protected from release by Federal law. VSTLs shall identify protected information 9 by taking the following action: 9 Documents submitted by the VSTL may include information that is a trade secret or confidential E:\FR\FM\25AUN2.SGM Continued 25AUN2 50162 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices 7.6.1.1. Submitting a Notice of Protected Information. This notice shall identify the document, document page, or portion of a page that the VSTL believes should be protected from release. This identification must be done with specificity. For each piece of information identified, the VSTL must state the legal basis for its protected status. 7.6.1.1.1. Cite the applicable law that exempts the information from release. 7.6.1.1.2. Clearly discuss why that legal authority applies and why the document must be protected from release. 7.6.1.1.3. If necessary, provide additional documentation or information. For example, if the VSTL claims a document contains confidential commercial information, it would also have to provide evidence and analysis of the competitive harm that would result upon release. jlentini on PROD1PC65 with NOTICES2 commercial information of a Manufacturer. The VSTL shall take steps to identify any information it believes may be protected. The VSTL may seek the input of the Manufacturer when identifying potentially protected information pursuant to the requirements of this chapter. All communications on this matter shall be in writing. VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 7.6.1.2. Label Submissions. Label all submissions identified in the notice as ‘‘Proprietary Commercial Information.’’ Label only those submissions identified as protected. Attempts to indiscriminately label all materials as proprietary will render the markings moot. 7.6.2. Notification of Potential Release. In the event a VSTL is notified that the EAC is considering the release of information that may be protected, the VSTL shall take the following action: 7.6.2.1. Respond to the notice in writing within 15 calendar days. If additional time is needed, the VSTL must promptly notify the Program Director. Requests for additional time will be granted only for good cause and must be made before the 15-day deadline. VSTLs that do not respond in a timely manner will be viewed as not objecting to release. 7.6.2.2. Clearly state one of the following in the response: 7.6.2.2.1. There is no objection to release, or 7.6.2.2.2. The VSTL objects to release. In this case, the response must clearly PO 00000 Frm 00024 Fmt 4701 Sfmt 4703 state which portions of the document the VSTL believes should be protected from release. The VSTL shall follow the procedures discussed in Section 7.6.1 above. 7.7. Personal Information. Certain personal information is protected from release under FOIA and the Privacy Act (5 U.S.C. § 552a). This information includes private information about a person that, if released, would cause the individual embarrassment or constitute an unwarranted invasion of personal privacy. Generally, the EAC will not require the submission of private information about individuals. The incidental submission of such information should be avoided. If a VSTL believes it is required to submit such information, it should contact the Program Director. If the information will be submitted, it must be properly identified. Examples of such information include the following: 7.7.1. Social Security Number. 7.7.2. Bank account numbers. 7.7.3. Home address. 7.7.4. Home phone number. BILLING CODE 6820–KF–P E:\FR\FM\25AUN2.SGM 25AUN2 50163 BILLING CODE 6820–KF–C VerDate Aug<31>2005 17:16 Aug 22, 2008 Jkt 214001 PO 00000 Frm 00025 Fmt 4701 Sfmt 4703 E:\FR\FM\25AUN2.SGM 25AUN2 EN25AU08.006</GPH> jlentini on PROD1PC65 with NOTICES2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices 50164 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices Appendix A. Certification Test Plan Format and Content The primary purpose of the test plan is to document the VSTL’s development of the certification tests conducted on a voting system submitted as a candidate for EAC certification. Although this appendix serves as a general guide to preparing test plans, VSTL’s may tailor the scope and detail of these requirements to the design of the specific voting system submitted for testing, the type of hardware components submitted for testing, and the complexity of the software submitted for testing. This appendix should be used in conjunction with the requirements noted in the applicable version or versions of the EAC’s VVSG when developing test plans. Test Plan Format Test Plans produced by VSTLs shall follow the format outlined below: 1. Introduction 1.1 References 1.2 Terms and Abbreviations 1.3 Testing Responsibilities 2. Evaluation of Prior Non-VSTL Tests 2.1 Tests conducted prior to the certification engagement 2.2 Prior test results 3. Materials Required for Testing 3.1 Software 3.2 Equipment 3.3 Test materials 3.4 Deliverable materials 4. Test Specification 4.1 Requirements 4.2 Hardware configuration and design 4.3 Software system functions 5. Test Data 5.1 Test data recording 5.2 Test data criteria 5.3 Test data reduction 6. Test Procedure and Conditions 6.1 Facility requirements 6.2 Test set-up 6.3 Test sequence 7. Proprietary Data Required Content of Test Plan Introduction jlentini on PROD1PC65 with NOTICES2 Test Plan references shall list all documents containing materials used to VerDate Aug<31>2005 17:16 Aug 22, 2008 Jkt 214001 prepare the test plan. This section of the plan shall include a copy of the implementation statement provided by the manufacture and any interpretations made by the VSTL to fully identify the implementation under test and the scope of the testing engagement. The VSTL shall identify all parties responsible for conducting testing of the candidate voting system, including all subcontracted testing laboratories and all engineers assigned to the test engagement. is adopting from publicly available test suites (including those that may be developed by NIST at a future date), the VSTL shall identify the public reference and document the implementation details that determine how the public tests are realized for the voting system under test. For all other tests, the VSTL shall incorporate all relevant information into the test plan as needed to reproduce the testing. Evaluation of Previous Testing Data The VSTL shall document all previous certifications, reviews or other testing that may impact the VSTL’s determination of the scope of the conformity assessment testing for the candidate voting system. The VSTL may recognize certifications, and tests conducted by other labs, including nonVSTLs, as making some portions of the voting system testing campaign redundant. For example, a COTS computer should already have been certified to comply with the rules and regulations of the Federal Communications Commission (FCC), Part 15, Subpart B requirements for both radiated and conducted emissions and need not be retested for this requirement. Also, if a slightly modified system is submitted for reassessment, the VSTLs finding that some of the previous testing need not be repeated would be documented in this section of the Test Plan subject to approval of the EAC. The VSTL shall identify what data is to be measured, and how tests and results are recorded. The VSTL shall supply any special instrumentation needed to satisfy the data requirements. The VSTL shall describe the criteria against which the results will be evaluated, including but not limited to criteria defining the acceptable range for voting system conformance (tolerances); criteria defining the minimum number of combinations or alternatives of input and output conditions that can be exercised to constitute an acceptable test of the parameters involved (sampling); and criteria defining the maximum number of interrupts, halts or other system breaks that may occur due to non-test conditions (events). Materials The VSTL shall enumerate all materials delivered by the Manufacturer to enable the test engagement to occur. These materials include not only the applicable hardware and software, but also the Technical Data Package (TDP) test ballot, test data, and all other materials necessary to conduct appropriate testing. All materials delivered to the VSTL shall be identified by specific version number, product number, serial number, etc., if appropriate, and the quantity of each item delivered shall be noted. Specifications For all applicable tests specified in the VVSG, the VSTL shall document the implementation details that determine how the standard tests are realized for the voting system under test. For all tests that the VSTL PO 00000 Frm 00026 Fmt 4701 Sfmt 4703 Procedures and Conditions The VSTL shall provide the information necessary to reproduce the testing that it performs. This information includes facility requirements, test set-up, test sequence, and pass criteria. Proprietary Data The VSTL shall list and describe in this section all documentation and data that are proprietary to the Manufacturer and hence subject to restrictions on use, release, or disclosure. All proprietary data and information must be included in this section, preferably as a separate electronic file, in order to easily publish the test plans on the EAC Web site while withholding information considered proprietary or confidential by Federal law. BILLING CODE 6820–KF–P E:\FR\FM\25AUN2.SGM 25AUN2 50165 BILLING CODE 6820–KF–C VerDate Aug<31>2005 17:16 Aug 22, 2008 Jkt 214001 PO 00000 Frm 00027 Fmt 4701 Sfmt 4703 E:\FR\FM\25AUN2.SGM 25AUN2 EN25AU08.007</GPH> jlentini on PROD1PC65 with NOTICES2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices 50166 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices Appendix B. Certification Test Report Format and Content The primary purpose of the test report is to facilitate the presentation of conclusions and recommendations regarding voting system conformance to the VVSG. The Test Report also provides a summary of test operations, test results, test data records and analysis to support the conclusions and recommendations presented by the VSTL. Although this appendix serves as a general guide to preparing the test reports, VSTL’s may tailor the scope and detail of the testing conducted on the candidate voting system. This appendix should be used along with the requirements noted in the applicable version or versions of the EAC’s VVSG when developing test reports. Test Reports produced by VSTLs shall follow the format outlined below: 1. System Identification and Overview 2. Certification Test Background 2.1 Revision History 2.2 Implementation Statement 3. Test Findings and Recommendation 3.1 Summary Finding and Recommendation 3.2 Reasons for Recommendation to Reject 3.3 Anomalies 3.4 Correction of Deficiencies Appendix A. Additional Findings Appendix B. Warrant of Accepting Change Control Responsibility Appendix C. Witness Build Appendix D. Test Plan Appendix E. State Test Reports System Identification and Overview jlentini on PROD1PC65 with NOTICES2 The VSTL shall provide basic information about the voting system software and supporting hardware including the system name and major subsystems or their equivalent and their version numbers. In addition, this section shall describe the design and structure of the voting system, technologies used, processing capacity claimed by the Manufacturer for system components such as ballot counters, and vote consolidation equipment. The description of 17:16 Aug 22, 2008 Certification Test Background For modifications to previously tested voting systems, the VSTL shall include references to the test reports that are precedential to the current testing engagement. The VSTL shall also include the implementation statement submitted by the Manufacturer, amended to reflect any changes that were necessitated during the course of the testing engagement. Test Findings and Recommendation Test Report Format VerDate Aug<31>2005 the voting system, both software and hardware shall have enough detail and specificity to allow the identification of a voting system in the field as being either identical to that tested or a modified version of the system. This section may also identify other products that interface with the voting system. Jkt 214001 This section provides a summary of the results of the testing engagement and indicates any special considerations that affect the conclusions derived from the test results. The VSTL shall present a summary finding of whether or not the voting system, as tested, satisfied all applicable mandatory (‘‘shall’’) requirements of the VVSG. The VSTL shall also provide a specific recommendation to the EAC for approval or rejection of the candidate system. If the VSTL finds that the voting system under test does not satisfy all applicable mandatory requirements of the VVSG, the VSTL shall identify each of the specific requirements that were not satisfied, and include a description of the inspections or tests that detected the nonconformities and include any applicable evidence (e.g., vote data report, citation of logic error in source code, etc.) The VSTL shall also summarize all failures, errors, nonconformities and anomalies that were observed during the testing engagement. Finally, the VSTL shall identify any deficiencies corrected during the course of the test engagement and identify inspections or tests that confirm that the deficiencies were corrected. Appendix A. Additional Findings The VSTL shall include as Appendix A of the Test Report identification of each PO 00000 Frm 00028 Fmt 4701 Sfmt 4703 applicable non-mandatory test (‘‘shoulds’’) for which conformity was demonstrated during the testing engagement. Appendix A shall also include identification of all tests that were identified as non-applicable to the voting system under test and therefore waived during the test engagement. Appendix A shall also include the laboratory response to any additional information, report or review provided by the EAC regarding the voting system under testing, and whether or not the items noted in the materials presented have any relevance to the system under test. Appendix B. Warrant of Accepting Change Control Responsibility If the Manufacturer must make changes to the voting system to successfully complete the conformance testing, the VSTL shall include as Appendix B of the Test Report a signed warrant from the Manufacturer that those changes will be included in the product that is delivered to customers. Appendix C. Witness Build The VSTL shall include as Appendix C of the Test Report a copy of the record of the final witness build and sufficient description of the build process to enable reproduction of the build. Appendix D. Test Plan The VSTL shall include a copy of the voting system Test Plan, amended to reflect any deviations from the original, EAC approved, test Plan during the course of testing. Appendix E. State Test Reports The VSTL shall include the results or reports form any testing engagement requested by a State to the EAC candidate system conducted concurrent to the EAC testing engagement. The results of State test reports shall not impact the EAC certification of the voting system if the system successfully meets all requirements of the EAC VVSG and Testing and Certification Program. BILLING CODE 6820–KF–P E:\FR\FM\25AUN2.SGM 25AUN2 VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 PO 00000 Frm 00029 Fmt 4701 Sfmt 4725 E:\FR\FM\25AUN2.SGM 25AUN2 50167 EN25AU08.008</GPH> jlentini on PROD1PC65 with NOTICES2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices VerDate Aug<31>2005 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices 16:39 Aug 22, 2008 Jkt 214001 PO 00000 Frm 00030 Fmt 4701 Sfmt 4725 E:\FR\FM\25AUN2.SGM 25AUN2 EN25AU08.009</GPH> jlentini on PROD1PC65 with NOTICES2 50168 VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 PO 00000 Frm 00031 Fmt 4701 Sfmt 4725 E:\FR\FM\25AUN2.SGM 25AUN2 50169 EN25AU08.010</GPH> jlentini on PROD1PC65 with NOTICES2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices BILLING CODE 6820–KF–C VerDate Aug<31>2005 17:16 Aug 22, 2008 Jkt 214001 PO 00000 Frm 00032 Fmt 4701 Sfmt 4703 E:\FR\FM\25AUN2.SGM 25AUN2 EN25AU08.011</GPH> jlentini on PROD1PC65 with NOTICES2 50170 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices Appendix D. Specification for Reproduction and Use of the EAC Laboratory Accreditation Logo To maintain a high level of quality and consistency in a variety of applications, the following guidelines have been developed for VSTL use of the EAC laboratory accreditation logo. Use and Display jlentini on PROD1PC65 with NOTICES2 The EAC VSTL logo contains the following elements: The ‘‘U.S. Election Assistance Commission’’ and ‘‘VSTL’’ logotype separated by a divider rule. The EAC will provide all accredited VSTLs with high resolution digital files for use on approved written or electronic documents. The logo may only be used by EAC accredited VSTLs and shall not misrepresent the specific standards or guidelines to which the VSTL has been accredited. The EAC VSTL logo may be displayed on all reports and work documents that contain exclusive results from testing activities that have been carried out within the labs’ EAC scope of accreditation. Accredited laboratories may also incorporate the logo in publicity and/or advertising materials, including brochures VerDate Aug<31>2005 17:16 Aug 22, 2008 Jkt 214001 50171 and organization publications, technical literature, business reports, Web sites and quotations or proposals for work. Only the approved version of the VSTL logo may be used. When using the logo: * Do not print the logo in black over a dark background. * Do not change any colors of the logo. * Do not configure the elements of the logo in a different format. * Do not crop or remove any part of the logo. * Do not distort the logo. * Do not tilt the logo in any direction. * Do not add shadows, effects or other elements to the logo. * Do not change the typeface/font used in the logo. space should measure at least X on all sides, where X equals 1⁄2 the height of the upper case letters ‘‘VSTL’’ in the logo. Do not place any other logo, logotype, trademark, text, or other graphic element in the minimum clear space area. Minimum Size Blue The full VSTL logo must remain readable in all uses and should not be reduced to a size smaller than 2.5 inch x 1 inch. The clear space surrounding the VSTL logo is an integral part of the logo design. An area of clear space must be maintained around the logo to prevent it from being in conflict with other design elements on the page. The clear Frm 00033 Fmt 4701 A black version of the logo may be printed on white or light color background paper. In these instances, the logo should appear in 100% black. Color Printing Whenever possible, the full color version of the logo should be used. The appropriate colors are provided below for 4 color process printing or RGB for electronic use. CMYK = 98/78/0/29 RGB = 0/51/153 HSL = 156/255/77 Red Minimum Clear Space PO 00000 One Color Printing Sfmt 4703 CMYK = 5/96/98/5 RGB = 204/51/0 HSL = 10/255/102 Embossing on ‘‘VSTL’’ = CMYK 97/92/0/65 BILLING CODE 6820–KF–P E:\FR\FM\25AUN2.SGM 25AUN2 Federal Register / Vol. 73, No. 165 / Monday, August 25, 2008 / Notices [FR Doc. E8–19064 Filed 8–22–08; 8:45 am] BILLING CODE 6820–KF–C VerDate Aug<31>2005 16:39 Aug 22, 2008 Jkt 214001 PO 00000 Frm 00034 Fmt 4701 Sfmt 4703 E:\FR\FM\25AUN2.SGM 25AUN2 EN25AU08.012</GPH> jlentini on PROD1PC65 with NOTICES2 50172

Agencies

[Federal Register Volume 73, Number 165 (Monday, August 25, 2008)]
[Notices]
[Pages 50140-50172]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E8-19064]


-----------------------------------------------------------------------

ELECTION ASSISTANCE COMMISSION


Procedural Manual for the Election Assistance Commission's Voting 
System Test Laboratory Program

AGENCY: United States Election Assistance Commission (EAC).

ACTION: Notice; Publication of Voting System Test Laboratory Program 
Manual.

-----------------------------------------------------------------------

SUMMARY: The U.S. Election Assistance Commission (EAC) is publishing a 
procedural manual for its Voting System Test Laboratory Program. This 
program sets the administrative procedures for laboratories to obtain 
and maintain accreditation to test voting systems under the EAC's 
Voluntary Testing and Certification Program. The program is mandated by 
the Help America Vote Act (HAVA) at 42 U.S.C. 15371.

FOR FURTHER INFORMATION CONTACT: Brian Hancock, Director, Voting System 
Certification, Washington, DC, (202) 566-3100, Fax: (202) 566-1392.

SUPPLEMENTARY INFORMATION:

Background

    HAVA requires that the EAC certify and decertify voting systems 
through testing conducted by accredited laboratories. Section 231(a)(1) 
of HAVA (42 U.S.C. 15371) specifically requires the EAC to ``* * * 
provide for the testing, certification, decertification and 
recertification of voting system hardware and software by accredited 
laboratories.'' To meet this obligation, the EAC has created a 
voluntary program to test voting systems to Federal voting system 
standards by accredited laboratories. The Voting System Test Laboratory 
Program Manual sets the procedures for the test laboratories to follow 
in order to receive and maintain accreditation as well as procedures 
for the documentation and publication of testing information.
    In creating the Laboratory Manual the EAC sought input from experts 
and stakeholders. Specifically, the EAC conducted meetings with 
representatives from the voting system test laboratories and from the 
voting system manufacturing community. Additionally, the EAC sought 
input from the public. A draft version of the EAC Voting System Test 
Laboratory Program Manual was published with a request for public 
comment on February 4, 2008. (73 FR 6495). The public comment period 
was open until 5 p.m. EST on April 4, 2008. While previous notice and 
public comment period were not required by law, all comments received 
were considered in the drafting of this final administrative manual.

[[Page 50141]]

Discussion of Comments

    The EAC received thirty-eight comments from the public. The 
majority of these comments came from voting system test laboratories, 
with the remainder coming from the general public.
    The majority of comments received by the Commission raised concerns 
or questioned the meaning or application of various provisions of the 
manual. Another block of comments were less specific and focused on the 
fundamental purpose behind the program or its basic methodology. 
Comments in this category included concerns regarding the level of 
allowable participation by manufacturers in the testing process and the 
responsibilities of Voting System Test Laboratories regarding third 
party testing. Finally, there were a range of specific recommendations 
on a wide variety of topics. Examples include: (1) Changing the scope 
of core and non-core testing; (2) clarifying who is responsible for the 
validation of test methods; (3) allowing hardware mitigation by the 
manufacturer; (4) clarifying the scope of the use of prior testing in a 
testing campaign; (5) clarifying the restriction on testing at 
manufacturer owned or controlled facilities and the allowance of such 
activity in conjunction with the witness or trusted build; and (6) 
placing the responsibility for the proper identification of proprietary 
information on the manufacturer and not on the testing laboratory.
    The EAC reviewed and considered each of the comments presented. In 
doing so, it also gathered additional information and performed 
research regarding the suggestions. The EAC's commitment to public 
participation is evident in the final version of the Laboratory Manual. 
The Manual has been enhanced in a number of areas in response to public 
comment. A total of about five pages have been added to the Manual. 
Throughout the entire Manual the EAC added or amended language to 
clarify its procedures consistent with the comments it received. For 
example, to further clarify terminology used throughout the Manual 
eight terms were newly defined or significantly clarified in the 
definition section of Chapter 1. Additionally, the EAC made changes to 
clarify the independent role of Voting System Test Labs in the program, 
enhance the supervision requirements of EAC accredited laboratories 
over third party contracted laboratories, and further defined the level 
of detail required by the EAC on test plans, test cases, and test 
reports. Finally, the EAC clarified financial stability documentation 
requirements for laboratories seeking accreditation.

Thomas R. Wilkey,
Executive Director, U.S. Election Assistance Commission.
BILLING CODE 6820-KF-P

[[Page 50142]]

[GRAPHIC] [TIFF OMITTED] TN25AU08.005

BILLING CODE 6820-KF-C

[[Page 50143]]

Paperwork Reduction Act

    The reporting requirements in this manual are pending approval 
under the Paperwork Reduction Act of 1995, by the Office of Management 
and Budget Control (OMB). Persons are not required to respond to this 
collection of information unless it displays a currently valid OMB 
number. Information gathered pursuant to this document and its forms 
will be used solely to administer the EAC Testing & Certification and 
Laboratory Accreditation Program. This program is voluntary. 
Individuals who wish to participate in the program, however, must meet 
its requirements. The estimated total annual hourly burden on the 
voting system manufacturing industry and election officials is 200 
hours. This estimate includes the time required for reviewing the 
instructions, gathering information, and completing the prescribed 
forms. Send comments regarding this burden estimate or any other aspect 
of this collection, including suggestions for reducing this burden to 
the U.S. Election Assistance Commission, Voting System Testing and 
Certification Program, Office of the Program Director, 1225 New York 
Avenue, NW., Suite 1100, Washington, DC 20005.

1. Introduction
1.1. Background
1.2. Authority
1.3. Role of the National Institute of Standards and Technology
1.4. Scope
1.7. Program Personnel
1.8. Submission of Documents
1.9. Receipt of Documents--VSTL
1.10. Receipt of Documents--EAC
1.11. Record Retention--EAC
1.12. Publication and Release of Documents
1.13. References
1.14. Definitions
1.15. Acronyms and Abbreviations
2. Program Requirements
2.1. Overview
2.2. Program Requirements--Generally
2.3. NIST Recommendation
2.4. NVLAP Accreditation
2.5. Conflict of Interest and Prohibited Practices Program
2.6. Personnel Policies
2.7. Notification of Changes
2.8. Site Visits
2.9. Notice of Lawsuits
2.10. Testing, Technical Practices and Reporting
2.11. Laboratory Independence
2.12. Authority To Do Business in the United States
2.13. Communications
2.14. Resources and Financial Stability
2.15. Recordkeeping
3. Accreditation Process
3.1. Overview
3.2. NIST Recommendation
3.3. EAC Invitation
3.4. Application
3.5. EAC Review of Application Package
3.6. Grant of Accreditation
3.7. Effect of Accreditation
3.8. Expiration and Renewal of Accreditation
3.9. Denial of Accreditation
3.10. Requesting Appeal
3.11. EAC Action on a Request for Appeal
3.12. Submission of Appeal
3.13. Consideration of Appeal
3.14. Commissioner's Decision on Appeal
3.15. Effect of Denial of Accreditation
4. Compliance Management Program
4.1. Purpose
4.2. Compliance Management Program, Generally
4.3. VSTL Notification of Changes
4.4. Request for Documents and Information
4.5. On Site Laboratory Review--Generally
4.6. On Site Laboratory Review--Frequency
4.7. On Site Laboratory Review--Procedure
4.8. EAC Compliance Management Reports
4.9. Corrective Action
5. Revocation of Accreditation
5.1. Overview
5.2. Revocation Policy
5.3. Revocation--Generally
5.4. Notice of Intent to Suspend
5.5. Suspension of Accreditation
5.6. Commissioners' Decision on Revocation of Accreditation
5.7. Effect of Revocation of Accreditation
5.8. Requesting Appeal
5.9. EAC Action on a Request for Appeal
5.10. Submission of Appeal
5.11. Consideration of Appeal
5.12. Commissioner's Decision on Appeal
6. Requests for Interpretations
6.1. Overview
6.2. Policy
6.3. Requirements for Submitting a Request for Interpretation
6.4. Procedure for Submitting a Request for Interpretation
6.5. EAC Action on a Request for Interpretation
6.6. Effect of Interpretation
6.7. Library of Interpretations
7. Release of Laboratory Accreditation Program Information
7.1. Overview
7.2. EAC Policy on the Release of Certification Program Information
7.3. Trade Secrets
7.4. Privileged or Confidential Commercial Information
7.5. EAC's Responsibilities
7.6. VSTL's Responsibilities
7.7. Personal Information

Appendix A. Certification Test Plan Format and Content

Appendix B. Certification Test Report Format and Content

Appendix C. Certification of Laboratory Conditions and Practices Form

Appendix D. Specification for Reproduction and Use of the EAC

Laboratory Accreditation Logo

1. Introduction

    1.1. Background. The Federal Election Commission (FEC) adopted the 
first formal set of voluntary Federal standards for computer-based 
voting systems in January 1990. At that time, no national program or 
organization existed to test and certify such systems to the standards. 
The National Association of State Election Directors (NASED) stepped up 
to fill this void in 1994. NASED is an independent, nongovernmental 
organization of State election officials. The organization formed the 
nation's first national program to test and qualify voting systems to 
the new Federal standards. This program utilized independent 
laboratories to test voting system to voluntary Federal standards. To 
facilitate this process NASED accredited these test laboratories, which 
it referred to as Independent Test Authorities (ITA). In late 2002, 
Congress passed the Help America Vote Act of 2002 (HAVA). HAVA created 
the U.S. Election Assistance Commission (EAC) and assigned to the EAC 
the responsibility for both setting voting system standards and 
providing for the voluntary testing and certification of voting 
systems. This mandate represented the first time the Federal government 
provided for the voluntary testing, certification, and decertification 
of voting systems nationwide. In response to this HAVA requirement, the 
EAC has developed the voting system standards in the form of the 
Voluntary Voting System Guidelines (VVSG), a voting system 
certification program in the form of the Voting System Testing and 
Certification Program Manual and this document, the Voting System Test 
Laboratory Manual.
    1.2. Authority. HAVA Section 231(b) (42 U.S.C. Sec.  15371(b)) 
requires that the EAC provide for the accreditation and revocation of 
accreditation of independent, non-federal laboratories qualified to 
test voting systems to Federal standards. Generally, the EAC considers 
for accreditation those laboratories evaluated and recommend by the 
National Institute of Standards and Technology (NIST) pursuant to HAVA 
Section 231(b)(1). However, consistent with HAVA Section 231(b)(2)(B), 
the Commission may also vote to accredit laboratories outside of those 
recommended by NIST upon publication of an explanation of the reason 
for any such accreditation.
    1.3. Role of the National Institute of Standards and Technology. 
Section 231(b) (1) of HAVA requires that the National Institute of 
Standards and Technology ``conduct an evaluation of independent, non-
federal laboratories and shall submit to the Commission a list of those 
laboratories * * * to be accredited. * * *'' Additionally, HAVA Section 
231(c) requires NIST to monitor

[[Page 50144]]

and review the performance of EAC accredited laboratories. NIST has 
chosen its National Voluntary Laboratory Accreditation Program (NVLAP) 
to carry out these duties. NVLAP conducts a review of applicant 
laboratories in order to provide a measure of confidence that such 
laboratories are capable of performing testing of voting systems to 
Federal standards. Additionally, the NVLAP program monitors 
laboratories by requiring regular assessments. Laboratories are 
reviewed one year after their initial accreditation and biennially 
thereafter. The EAC has made NVLAP accreditation a requirement of its 
Laboratory Accreditation Program. However, a NVLAP accreditation is not 
an EAC accreditation. EAC is the sole Federal authority for the 
accreditation and revocation of accreditation of Voting System Test 
Laboratories (VSTL).
    1.4. Scope. This Manual provides the procedural requirements of the 
EAC voting system Laboratory Accreditation Program. Although 
participation in the program is voluntary, adherence to the program's 
procedural requirements is mandatory for participants. The procedural 
requirements of this Manual supersede any prior laboratory 
accreditation requirements issued by the EAC. This manual shall be read 
in conjunction with the EAC Voting System Testing and Certification 
Manual.
    1.5. Manual Maintenance and Revision. The Manual will be reviewed 
periodically and updated to meet the needs of the EAC, VSTLs, election 
officials, and public policy. The EAC is responsible for revising this 
document. All revisions will be made consistent with Federal law. 
Substantive input from stakeholders and the public will be sought 
whenever possible. Changes in policy requiring immediate implementation 
will be noticed via policy memoranda and will be issued to each VSTL 
and registered Manufacturers. Changes, addendums, or updated versions 
will also be posted to the EAC Web site at www.eac.gov.
    1.6. Clarification of Program Requirements and Procedures. VSTLs 
and registered Manufacturers may request clarification regarding the 
requirements and procedures set forth in this manual. Requests for 
clarification must be based upon ambiguity arising from the application 
of this manual. Hypothetical questions will not be considered. Requests 
shall be submitted to the Program Director in writing. The request 
shall clearly identify the section of the manual and issue to be 
clarified, a proposed interpretation and all relevant facts. 
Clarifications issued by the EAC will be provided to all EAC VSTLs, 
registered Manufacturers and placed on EAC's Web site.
    1.7. Program Personnel. All EAC personnel and contractors 
associated with this program will be held to the highest ethical 
standards. All agents of the EAC involved in the Accreditation Program 
will be subject to conflict-of-interest reporting and review, 
consistent with Federal law and regulation.
    1.8. Submission of Documents. Any documents submitted pursuant to 
the requirements of this Manual shall be submitted:
    1.8.1. If sent electronically, via secure e-mail or physical 
delivery of a compact disk, unless otherwise specified. The submitted 
electronic files shall be in Microsoft Word or Adobe PDF format, 
formatted to protect the document from alteration.
    1.8.2. With a proper signature when required by this Manual. 
Documents that require an authorized signature may be signed with an 
electronic representation or image of the signature of an authorized 
management representative.
    1.8.3. If sent via physical delivery, by Certified Mail 
TM (or similar means that allows tracking) to the following 
address: Testing and Certification Program Director, U.S. Election 
Assistance Commission, 1225 New York Avenue, NW., Suite 1100, 
Washington, D.C. 20005.
    1.9. Receipt of Documents--VSTL. For purposes of this Manual, a 
document, notice, or other communication is considered received by a 
VSTL upon one of the following:
    1.9.1. The actual, documented date the correspondence was received 
(either electronically or physically) at the VSTL, or
    1.9.2. If no documentation of the actual delivery date exists, the 
date of constructive receipt of the communication. For electronic 
correspondence, documents will be constructively received the day after 
the date sent. For mail correspondence, the document will be 
constructively received 3 days after the date sent.
    1.9.3. The term ``receipt'' shall mean the date a document or 
correspondence arrives (either electronically or physically) at the 
VSTL's place of business. Arrival does not require that an agent of the 
VSTL open, read, or review the correspondence.
    1.10. Receipt of Documents--EAC. For purposes of this Manual, a 
document, notice, or other communication is considered received by the 
EAC upon its physical or electronic arrival at the agency. All 
documents received by the agency will be physically or electronically 
date stamped. This stamp shall serve as the date of receipt. Documents 
received after the regular business day (5:00 PM Eastern Standard 
Time), will be treated as if received on the next business day.
    1.11. Record Retention--EAC. The EAC shall retain all records 
associated with accreditation of Voting System Test Laboratories. The 
records shall otherwise be retained or disposed of consistent with 
Federal statutes and regulations.
    1.12. Publication and Release of Documents. The EAC will release 
documents consistent with the requirements of Federal law. It is EAC 
policy to make the laboratory accreditation process as open and public 
as possible. Any documents (or portions thereof) submitted under this 
program will be made available to the public unless specifically 
protected from release by law. The primary means for making this 
information available is through the EAC Web site. See Chapter 7 of 
this Manual for additional information.
    1.13. References. The following documents are referenced in this 
Manual. For dated references, only the edition cited applies. For 
undated references, the latest edition of the referenced document 
(including any amendments) applies.

--ISO/IEC 17011, Conformity assessment--General requirements for 
accreditation bodies accrediting conformity assessment bodies.
--ISO/IEC 17025, General requirements for the competence of testing and 
calibration laboratories.
--NIST Handbook 150, (NVLAP) Procedures and General Requirements.
--NIST Handbook 150-22, (NVLAP) Voting System Testing.

    1.14. Definitions. For purposes of this Manual, the terms listed 
below have the following definitions.
    Applicant Laboratory. An independent, non-Federal laboratory which 
has applied for EAC accreditation after receipt of an invitation.
    Commission. The U.S. Election Assistance Commission, as an agency.
    Commissioners. The serving commissioners of the U.S. Election 
Assistance Commission.
    Contracted Third Party Laboratory. A laboratory contracted or 
otherwise providing testing services to a VSTL to meet program 
requirements.
    Days. Calendar days, unless otherwise noted. When counting days, 
for the purpose of submitting or receiving a document, the count shall 
begin on the first full calendar day after the date the document was 
received.

[[Page 50145]]

    Election Official. A State or local government employee who has as 
one of his or her primary duties the management or administration of a 
Federal election.
    Federal Election. Any primary, general, runoff, or special Election 
in which a candidate for Federal office (President, Senator, or 
Representative) appears on the ballot.
    Fielded Voting System. A voting system purchased or leased by a 
State or local government that is being use in a Federal election.
    Gift. A Gift includes any gratuity, favor, discount, entertainment, 
travel, service, hospitality, loan, meal, forbearance, or other item 
having monetary value.
    Integration Testing. The end-to-end testing of a full system 
configured for use in an election to assure that all legitimate 
configurations meet applicable standards.
    Key Laboratory Staff. Laboratory employees serving as approval 
authorities of test reports (approved signatories per NIST Handbook 
150) or otherwise responsible for the supervision of individuals 
performing voting system testing.
    Lead Voting System Test Laboratory. The accredited Voting System 
Test Laboratory identified on an EAC approved Application for Testing 
(EAC Voting System Testing and Certification Program Manual, Sec. 4.3, 
Certification Application).
    Manufacturer. The entity with ownership and control over a voting 
system submitted for certification.
    Memorandum for the Record. A written statement drafted to document 
an event or finding, without a specific addressee other than the 
pertinent file.
    Proprietary Information. Commercial information or trade secrets 
protected from release under the Freedom of Information Act (FOIA) and 
the Trade Secrets Act.
    Recommended Laboratory. A laboratory recommended for EAC 
accreditation by the Director of NIST after evaluation by NVLAP.
    Scope of Accreditation. The version or versions of the Federal 
voting system standards (VSS or VVSG) to which a VSTL is authorized to 
test.
    Technical Reviewers. Technical experts in the areas of voting 
system technology and conformity assessment appointed by the EAC to 
provide expert guidance.
    Testing and Certification Decision Authority. The EAC Executive 
Director or Acting Executive Director.
    Testing and Certification Program Director. The individual 
appointed by the EAC Executive Director to administer and manage the 
Testing and Certification Program.
    Voting System. The total combination of mechanical, 
electromechanical, and electronic equipment (including the software, 
firmware, and documentation required to program, control, and support 
the equipment) that is used to define ballots, cast and count votes, 
report or display election results, interface the voting system to the 
voter registration system, and maintain and produce any audit trail 
information.
    Voting System Standards. Voluntary voting system standards 
developed by the FEC. Voting System Standards have been published 
twice: once in 1990 and again in 2002. The Help America Vote Act made 
the 2002 Voting System Standards EAC guidance. All new voting system 
standards are issued by the EAC as Voluntary Voting System Guidelines.
    Voting System Test Laboratories (VSTLs). Laboratories accredited by 
the EAC to test voting systems to EAC approved voting system standards.
    Voluntary Voting System Guidelines. Voluntary voting system 
standards developed, adopted, and published by the EAC. The guidelines 
are identified by version number and date.
    1.15. Acronyms and Abbreviations. For purposes of this Manual, the 
acronyms and abbreviations listed below represent the following terms.
    Accreditation Program. The EAC Voting System Test Laboratory 
Accreditation Program
    Certification Program. The EAC Voting System Testing and 
Certification Program
    EAC. United States Election Assistance Commission
    FEC. Federal Election Commission
    HAVA. Help America Vote Act of 2002 (42 U.S.C. Sec.  15301 et seq.)
    ISO/IEC. The International Organization for Standardization & The 
International Electrotechnical Commission
    NASED. National Association of State Election Directors
    NIST. National Institute of Standards and Technology
    NVLAP. National Voluntary Laboratory Accreditation Program
    Program Director. Director of the EAC Testing and Certification 
Program
    VSS. Voting System Standards
    VSTL. Voting System Test Laboratory
    VVSG. Voluntary Voting System Guidelines

2. Program Requirements

    2.1. Overview. This chapter lists the requirements of the EAC's 
Voting System Test Laboratory Program. Adherence to these requirements 
is a condition of accreditation and a continuing obligation. Failure to 
demonstrate compliance with the requirements of this chapter may result 
in the denial of an application for accreditation, suspension of 
accreditation, or revocation of accreditation.
    2.2. Program Requirements--Generally. In order to be considered 
for, receive, and maintain an EAC accreditation as a VSTL, laboratories 
must demonstrate compliance with the requirements of EAC's Voting 
System Test Laboratory Program. The program requirements are set forth 
in this Chapter.
    2.2.1. Continuing Compliance Obligation. VSTLs have a continuing 
obligation to meet the requirements set forth in this Chapter. VSTLs 
are required to maintain their compliance with the program's 
requirements as long as they hold an EAC accreditation.
    2.2.2. Requests to Document Compliance. VSTLs may be required by 
the EAC to document compliance at any time. Such requests will be in 
writing and VSTLs shall respond timely, consistent with the request 
(see Chapter 4 of this Manual).
    2.2.3. Failure to Comply, Effect. Failure to meet each of the 
program's requirements may result in the denial of an application for 
accreditation, suspension of accreditation, or revocation of 
accreditation, consistent with the procedures of Chapter 5 of this 
Manual.
    2.3. NIST Recommendation. As a condition of accreditation, all 
laboratories must be recommended to the EAC by the National Institute 
of Standards and Technology (NIST), unless the emergency provisions of 
Chapter 3 apply. NIST is responsible, pursuant to the Help America Vote 
Act of 2002, Section 231(b), for performing a technical evaluation of 
laboratories and identifying and recommending those competent to test 
voting systems. This recommendation is provided directly to the EAC 
from NIST.
    2.4. NVLAP Accreditation. As a condition of accreditation, all 
VSTLs must hold a valid accreditation from NIST's National Voluntary 
Laboratory Accreditation Program (NVLAP), unless the emergency 
provisions of Chapter 3 apply. NVLAP accreditation is the primary means 
by which the EAC may ensure that each VSTL meets and continues to meet 
the technical requirements of the EAC program. It sets the standards 
for each of VSTL's technical, physical, and personnel resources, as 
well as its testing, management, and quality assurance policies and 
protocols. The loss or

[[Page 50146]]

suspension of a NVLAP accreditation will result in the suspension and 
possible revocation of any EAC accreditation consistent with the 
procedures of Chapter 5 of this Manual. VSTLs are required to 
immediately report any change in their NVLAP accreditation status to 
the EAC.
    2.5. Conflict of Interest and Prohibited Practices Program. As a 
condition of accreditation, all laboratories must maintain and enforce 
policies which prohibit and prevent conflicts of interest or the 
appearance of conflicts of interest. A laboratory shall ensure that 
neither the Laboratory, its parent corporation, contracted third party 
laboratories, nor any individual staff member involved in the testing 
of voting systems have any vested interest in the outcome of the test 
process. Laboratories must have a written policy in place. This policy 
must, at a minimum, (1) prohibit conflicts of interest and other 
prohibited practices and (2) provide for enforcement, consistent with 
the subsections below.
    2.5.1. Prohibited Conflicts of Interest. The purpose of a conflict 
of interest policy is to prevent situations where the exercise of an 
official duty directly impacts the actor's financial interests. For the 
purposes of this program, a prohibited conflict of interest exists if 
the duties and responsibilities of a laboratory, parent corporation, or 
a laboratory employee involved in the testing of voting systems under 
EAC's Certification Program will have a direct and predictable effect 
on the financial interest of that laboratory, parent corporation, or a 
laboratory employee.\1\ For example, an employee who is responsible for 
testing a voting system on behalf of a VSTL would be prohibited from 
holding a financial interest in the entity whose product is being 
tested or a direct competitor of that entity. A prohibited conflict of 
interest would also include a contractual or other fiduciary 
relationship between a VSTL or VSTL employee and a Manufacturer 
(outside an agreement for State or Federal certification testing) when 
that VSTL or VSTL employee is concurrently responsible for conducting 
certification testing for that Manufacturer under this program. 
Additionally, financial interests may be imputed or attributed to a 
laboratory, parent corporation, or a laboratory employee through a 
relationship with a third party. For example, a VSTL employee 
responsible for the testing of a voting system would be conflicted from 
performing his or her duties if his or her spouse owned a financial 
interest in the manufacture of the voting system.
---------------------------------------------------------------------------

    \1\ For the purpose of this Program, agreements with voting 
system manufacturers to provide testing pursuant to the requirements 
of EAC or a State's certification program do not constitute a 
prohibited conflict of interest. Certification testing is considered 
a duty and responsibility of a VSTL, not an outside financial 
interest.
---------------------------------------------------------------------------

    2.5.1.1. Involved in Testing--Defined. For the purposes of a 
financial conflict of interest, an organization is involved in the 
testing of a voting system any time it contractually or otherwise takes 
on the responsibility for testing a voting system to Federal standards 
under EAC's Certification Program. For the purposes of a financial 
conflict of interest, an employee is involved in the testing of a 
voting system when the individual's duties as a VSTL employee require 
him or her to perform testing on the system, manage the testing process 
or supervise those who perform testing on the system.
    2.5.1.2. Financial Interest--Defined. The term includes any current 
or contingent ownership, equity, or security interest in real or 
personal property or a business and may include an indebtedness or 
compensated employment relationship. It thus includes, for example, 
interests in the nature of stocks, bonds, partnership interests, fee 
and leasehold interests, and other property rights, deeds of trust, and 
liens, and extends to any right to purchase or acquire any such 
interest, such as a stock option or commodity future.
    2.5.1.3. Direct Effect--Defined. A matter will have a direct effect 
on a financial interest if there is a close causal link between any 
decision or action to be taken in the matter and any expected effect of 
the matter on the financial interest. An effect may be direct even 
though it does not occur immediately. A matter will not have a direct 
effect on a financial interest, however, if the chain of causation is 
attenuated or is contingent upon the occurrence of events that are 
speculative or that are independent of, and unrelated to, the matter. A 
matter that has an effect on a financial interest only as a consequence 
of its effects on the general economy does not have a direct effect 
within the meaning of this section.
    2.5.1.4. Predictable Effect--Defined. A matter will have a 
predictable effect if there is a real, as opposed to a speculative 
possibility that the matter will affect the financial interest. It is 
not necessary, however, that the magnitude of the gain or loss be 
known, and the dollar amount of the gain or loss is immaterial.
    2.5.1.5. Imputed Interests--Defined. An imputed interest is a 
financial interest held by a third party individual or organization 
that serves to disqualify an employee or laboratory to the same extent 
as if they were the employee's or laboratory's own interest. These 
interests include:
    2.5.1.5.1. The financial interests of a spouse or dependent child 
shall be imputed to an employee.
    2.5.1.5.2. The financial interest of any organization in which a 
laboratory, parent corporation, or a laboratory employee serves as an 
employee, officer, board member, partner, consultant, director, trustee 
or similar position shall be imputed.
    2.5.1.5.3. The interests of any contracted third party laboratory 
shall be imputed to the utilizing VSTL.
    2.5.1.5.4. The financial interest of a person or organization with 
whom an employee is negotiating or has an arrangement concerning 
prospective employment shall be imputed.
    2.5.2. Prohibited Practices. Furthermore, irrespective of the 
existence of a conflict of interest, it is a prohibited practice for a 
laboratory, parent corporation, or laboratory employee to be involved 
in the development of a voting system or solicit or receive a gift from 
a voting system Manufacturer. No laboratory, parent corporation, or 
laboratory employee may:
    2.5.2.1. Voting System Development and Testing. Provide, or have 
provided, consultation, developmental testing or other services to a 
voting system developer such that the independence, or appearance of 
independence, in the testing of a particular voting system or system 
component would be compromised.
    2.5.2.1.1. A laboratory or individual may not be involved in both 
the development of a voting system and the certification of a system. 
Voting system development includes any testing, consultation or design 
work performed in order to ready a specific system for the marketplace 
or the certification process. Generally, any testing performed on 
behalf of a voting system manufacture that was not otherwise performed 
pursuant to a State or Federal voting system certification program will 
be considered developmental in nature.
    2.5.2.1.2. The prohibition barring participation in both 
development and testing is voting system specific. An employee or 
laboratory that was previously involved \2\ in product development with 
a Manufacturer is not

[[Page 50147]]

prohibited from testing all systems produced by that Manufacturer, just 
those systems in which the employee or laboratory participated directly 
in development. As voting systems are subject to change over time, for 
the purposes of this prohibition, a voting system shall be considered 
altered to the degree that it is a different system when:
---------------------------------------------------------------------------

    \2\ The prohibition relates to a VSTL's prior involvement in 
system development. Concurrent development work and testing may 
constitute a prohibited conflict of interest under Section 2.5.2 of 
this Manual.
---------------------------------------------------------------------------

    2.5.2.1.2.1. A period of at least three years has passed since the 
VSTL or employee was involved in the system's development;
    2.5.2.1.2.2. The system has been subject to both software and 
hardware modification since the VSTL or employee was involved in the 
system's development. De minimis changes (as defined in EAC Voting 
System Testing and Certification Program Manual) are not modifications; 
AND
    2.5.2.1.2.3. The system has received a certification after being 
tested by a different independent laboratory since the VSTL or employee 
was involved in the system's development.
    2.5.2.1.3. The prohibition barring participation in both 
development and testing does not prohibit a VSTL from allowing a 
Manufacturer to perform onsite hardware mitigation on a voting system 
in response to a minor system failure or anomaly. In such cases the 
VSTL:
    2.5.2.1.3.1. Shall suspend all hardware testing;
    2.5.2.1.3.2. Shall not participate or assist the Manufacturer in 
remediation;
    2.5.2.1.3.3. May provide testing equipment and qualified operators 
to the Manufacturer for its use;
    2.5.2.1.3.4. Shall monitor and document the Manufacturer's access 
to the system consistent with Section 2.11.1. of this manual; and
    2.5.2.1.3.5. Shall document in the test report the failure or 
anomaly and remedial action taken by the Manufacturer consistent with 
Section 2.10.5.2.1 of this Manual and Chapter 4 of EAC's Certification 
Manual (anomaly matrix).
    2.5.2.2. Gifts. Solicit or receive a gift, directly or indirectly, 
from any entity which holds a financial interest in the development, 
production, or sale of voting systems, or is otherwise impacted by the 
testing and certification of voting systems. Gifts given or received 
under circumstances which make it clear that the gift is motivated by a 
family relationship or personal friendship rather than position are not 
prohibited. Relevant factors in making such a determination include the 
history of the relationship and whether the family member or friend 
personally pays for the gift.
    2.5.3. Program Enforcement Elements. Prohibited conflicts and 
practices shall be enforced through a written program which:
    2.5.3.1. Regarding Employees Involved in the Testing of Voting 
Systems.
    2.5.3.1.1. Annually collects standard information from each 
employee, including assets, debts, outside or prior activities/
employment, gifts, and any work on voting system development sufficient 
to demonstrate compliance with Section 2.5.1. and 2.5.2. of this 
Manual. The information collection must also reflect the financial 
interests of those individuals (like spouses and minor children) whose 
interests are imputed to the employee;
    2.5.3.1.2. Requires and documents the review of information 
collected for potential conflicts and prohibited practices; and
    2.5.3.1.3. Resolves all identified conflicts of interest or 
prohibited practices prior to the employee or laboratory's involvement 
in the testing of any voting system. Such resolution shall be 
documented. Resolutions may include the divestiture of assets or gifts, 
employee resignation from outside organizations, or the altering of an 
employee's responsibilities by prohibiting participation in Voting 
System Testing or the testing of a specific system.
    2.5.3.2. Regarding the VSTL or VSTL's Parent Corporation.
    2.5.3.2.1. Annually collects information pertaining to the holdings 
and activities of the VSTL and its parent corporation(s), sufficient to 
demonstrate compliance with Section 2.5.1. and 2.5.2. of this Manual;
    2.5.3.2.2. Requires and documents the review of collected 
information for potential conflicts and prohibited practices; and
    2.5.3.2.3. Resolves all identified conflicts of interest or 
prohibited practices prior to the laboratory's testing of any voting 
system. Such resolution shall be documented. Resolutions may include 
the divestiture of assets or gifts, the termination or rejection of 
conflicted or prohibited testing work.
    2.5.3.3. Regarding Contracted Third Party Laboratories. The 
interest of a contracted third party laboratory may be imputed to a 
VSTL. VSTLs may meet and enforce the program requirements of this 
section with regard to this relationship in one of two ways:
    2.5.3.3.1. Collection of third party laboratory information, review 
of information and resolution of conflicts or prohibited practices:
    2.5.3.3.1.1. Collect information pertaining to the holdings and 
activities of the third party laboratory and its employees, sufficient 
to demonstrate compliance with Section 2.5.1. and 2.5.2. of this 
Manual. This includes gathering information concerning any involvement 
by the third party laboratory or its employees in the development of 
specific voting systems. This collection of information shall be 
performed prior to the execution of any contract for the testing of 
voting systems under this program and annually thereafter if the 
contract exceeds one year in duration.
    2.5.3.3.1.2. Require and document the review of collected 
information for potential conflicts, and
    2.5.3.3.1.3. Resolve all identified conflicts of interest prior to 
the laboratory's testing of any voting system.
    2.5.3.3.2. VSTL Supervision of third party laboratories performing 
non-core testing. Where a third party laboratory is subject to direct 
VSTL supervision and observation, the third party laboratory's 
conflicts of interest or prohibited practices will not be imputed to 
the lead VSTL. Direct VSTL supervision under this section requires that 
a VSTL employee is physically present during the third party testing 
and directly observes and supervises the testing. This VSTL employee 
must: (1) have been properly vetted for conflict of interest and 
prohibited practices pursuant to Section 2.5 of this Manual, (2) be 
competent to supervise the testing being performed and (3) have no 
financial interest in the third party laboratory they are supervising.
    2.5.4.  Waivers. In rare circumstances, prohibited practices or 
conflicts of interest may be waived by the EAC after the conflict or 
prohibited practice is properly disclosed to the agency. Waivers may be 
granted at the sole discretion of the Program Director.
    2.5.4.1. Requesting a Waiver. A request for a waiver shall be made 
in writing to the EAC Program Director. The request shall fully 
disclose the conflict of interest or prohibited practice for which the 
waiver is sought. The request shall also describe all steps taken to 
resolve the conflict or prohibited practice and the reasons why such 
attempts were unsuccessful or otherwise untenable. The request shall 
also state why the waiver should be granted, consistent with the 
standard in Section 2.5.4.2.
    2.5.4.2. Waiver Standard. A disqualifying conflict of interest or 
prohibited practice is subject to waiver when the issuance of a waiver 
is in the best interest of the EAC Certification Program and the 
identified conflict or practice is unlikely to affect the integrity

[[Page 50148]]

or impartiality of the VSTL or VSTL employee's services under the EAC 
Certification Program. The Program Director may consider the following 
factors in making a waiver determination:
    2.5.4.2.1. The value of any disqualifying financial interest;
    2.5.4.2.2. The nature and impact of any prohibited practice;
    2.5.4.2.3. The role and responsibility of the employee subject to 
the conflict of interest or prohibited practice;
    2.5.4.2.4. The availability of other employees, VSTLs or 
laboratories to conduct the testing without a conflict or prohibited 
practice.
    2.5.4.2.5. The level of discretion or sensitivity required to 
perform the conflicted or prohibited duties under the certification 
program;
    2.5.4.2.6. The ability of an EAC waiver to adjust a VSTL or VSTL 
employee's testing process and duties or otherwise mandate additional 
safeguards which would limit or abrogate the impact of the conflict of 
interest or prohibited practice.
    2.5.4.3. Issuing a Waiver. Any waiver issued by the Program 
Director shall be made in writing to the requestor. The waiver shall 
state with specificity the conflict of interest or prohibited practice 
waived. The waiver shall also clearly state any conditions for its 
issuance, such as mitigating processes or procedures or safeguards. The 
VSTL is responsible for meeting all waiver conditions prior to engaging 
in the waived activity. Failure to meet such condition may result in 
the revocation of a VSTLs accreditation. The Program Director shall 
publish all waivers on the EAC Web site.
    2.5.4.4. Denying a Request for a Waiver. Any decision denying a 
request for a waiver shall be made by the Program Director in writing 
and provided to the VSTL. The Program Director shall publish all waiver 
denials on the EAC Web site.
    2.6. Personnel Policies. As a condition of accreditation, all 
laboratories shall have in place written policies to ensure that the 
Laboratory does not employ individuals, in any capacity related to the 
testing of voting systems, who have been convicted of a felony offense 
or any criminal offense involving fraud, misrepresentation, or 
deception under either Federal or State law. The VSTL shall have a 
program in place to enforce this policy and document such enforcement.
    2.7. Notification of Changes. As a condition of accreditation, all 
laboratories shall agree to notify the EAC in writing within fifteen 
(15) calendar days of any significant changes in laboratory operations 
from what the Laboratory described in any assertion that served as the 
basis for its EAC accreditation, including any assertions made to 
NIST's NVLAP or to the EAC pursuant to Chapter 3 of this Manual. 
Examples of events that require written notification include, but are 
not limited to:
    2.7.1. A Laboratory's decision to withdraw from the EAC's program;
    2.7.2. Changes in ownership of the Laboratory (other than minor-
less that 15%-change in stock ownership),
    2.7.3. A change in location of the Laboratory facility, or
    2.7.4. Personnel changes in key staff positions.
    2.8. Site Visits. As a condition of accreditation, all laboratories 
shall allow EAC representatives to enter their voting system testing 
and management facilities pursuant to the procedures and requirements 
of Chapter 4 of this Manual.
    2.9. Notice of Lawsuits. As a condition of accreditation, all 
laboratories shall provide notice to the EAC of any lawsuits or claims 
filed against it, its subcontractors, subsidiaries, employees, 
officers, owners, operators, or insurers while the Laboratory holds an 
EAC accreditation and which relate to the work performed in, or 
management of, the Laboratory's voting system testing program.
    2.10. Testing, Technical Practices and Reporting. As a condition of 
accreditation, each VSTL shall perform testing in conformance with the 
relevant standards of the applicable Federal Standards (VVSG or VSS). 
Additionally, the VSTL shall create written reports of such testing 
consistent with the requirements of the latest version of the VVSG, 
EAC's Voting System Testing and Certification Manual, any applicable 
test suites mandated by the EAC, and any other written guidance 
published by the EAC.
    2.10.1. Test Plan Package. The VSTL shall submit a test plan 
package directly to the EAC consistent with the requirements of the 
Voting System Testing and Certification Manual, the latest version of 
the VVSG, this Manual and any other written guidance from the EAC. A 
test plan package includes:
    2.10.1.1. Requirements Matrix. The Requirements Matrix is a form 
developed by the EAC which identifies each requirement found in Federal 
voting system standards (a version of the VVSG or VSS). VSTLs will be 
required to identify the standards that apply to the system being 
tested, identify the testing to be performed and provide additional 
information as required. The Requirements Matrix and instructions for 
its completion may be found on EAC Web site at www.eac.gov. The matrix 
will serve as both a tool to identify and a means to document what 
should be tested and how.
    2.10.1.2. Test Plan. The purpose of the Test Plan is to provide 
information regarding test methods. The Test Plan contains more detail 
than the Requirements Matrix.
    2.10.1.2.1. Format. VSTLs shall format each test plan consistent 
with the requirements of Appendix A of this Manual.
    2.10.1.2.2. Content. Each test plan shall identify applicable 
voting system standards and contain a description of the testing 
proposed to verify conformance. Also, each test plan shall contain a 
statement indicating the scope of the labs accreditation.
    * Required Content. For each test, the test plan shall provide 
detailed information referencing testing to be performed, including 
facility requirements, test set-up, test sequence, data recording 
requirements and pass criteria.\3\
---------------------------------------------------------------------------

    \3\ This requirement is consistent with International Standards 
Organization requirements, which serve as a basis for NIST NVLAP's 
accreditation and recommendation to the EAC. Where established and 
approved test methods do not exist, ISO Standard 17025, Section 
5.4.4., Non-Standard Method requires the testing to be validated by 
the laboratory prior to use. The EAC will review and approve the 
validated test methods.
---------------------------------------------------------------------------

    * Exception. Where a VSTL utilizes EAC mandated or approved test 
methods, the test plan may simply reference these methods and identify, 
with specificity, all deviations. Mandated test methods are those test 
methods required for use by the EAC. Approved test methods are 
standard, verified VSTL test methods approved by the EAC. VSTLs may 
submit standard test methods for approval by submitting them in writing 
to the Program Director.
    2.10.2. Test Case. After approval of the VSTLs Test Plan, the VSTL 
shall develop Test Cases. A Test Case is a system specific, step-by-
step test procedure or laboratory testing process that provides 
detailed test operation procedures sufficient for trained laboratory 
personnel to fully conduct a given test and produce repeatable results. 
The VSTL shall inform the EAC, in writing, when all test cases for the 
voting system under test have been completed. This notice shall include 
an index identifying each test case created to test the system. The 
notification should indicate if these are standard test cases, modified 
standard test cases, or a new test case. These test cases shall be 
available to the EAC for review and approval upon request.

[[Page 50149]]

    2.10.3. Testing. The highest standards shall be applied to the 
testing of voting systems. VSTLs shall perform testing in conformance 
with the relevant standards of the applicable Federal Standards (VVSG 
or VSS) and consistent with any written EAC interpretations of these 
standards. The Laboratory shall maintain its technical practices 
consistent with the standards which served as the basis for its NVLAP 
accreditation. These standards include International Standard ISO/IEC 
17025, General Requirements for the Competence of Testing and 
Calibration Laboratories; NIST Handbook 150, Procedures and General 
Requirement; NIST Handbook 150-22, Voting System Testing; any documents 
supplementing, updating or replacing these standards or handbooks; and 
any pertinent EAC guidance. When conducting testing under EAC's 
program, VSTLs shall only perform testing of voting systems consistent 
with the scope of their accreditation.
    2.10.4. Third Party Testing. Lead VSTL's may contract or otherwise 
provide for the testing of voting systems by third parties under this 
program. However, the lead VSTL shall be responsible for the accuracy, 
quality assurance, and results of all tests performed. Under this 
program, no VSTL may perform or contract for the performance of testing 
outside the scope of its accreditation. Testing performed directly by 
lead VSTL personnel using third party contractor equipment and 
facilities is not considered third party testing.
    2.10.4.1. Core Testing. Core voting system testing may only be 
performed by VSTLs. Therefore, a VSTL may only contract or otherwise 
provide for the core testing of voting systems if it uses a third party 
VSTL. Core testing includes: Technical Data Package review, physical 
configuration audit, source code review, functional configuration 
audit, system integration testing, volume testing, and security testing 
(not including cryptographic testing).
    2.10.4.2. Non-Core Testing. Non-core testing may be performed by 
non-VSTLs if they hold an EAC recognized accreditation to perform the 
relevant testing. The EAC recognizes two national accreditation bodies, 
NIST's NVLAP program and the American Association of Laboratory 
Accreditation (A2LA). Generally, a VSTL may only contract or otherwise 
provide for the non-core testing of voting systems if it uses a NVLAP 
or A2LA laboratory accredited to the specific scope of testing 
necessary. Non-core testing includes: Electromagnetic compatibility 
testing, telecommunications testing, environmental testing, electrical 
testing, acoustical testing, and cryptographic testing.\4\ In limited 
circumstances, laboratories not holding a recognized accreditation may 
be used by VSTLs for non-core testing only after approval by EAC's 
Program Director. Requests for such approval must be made in writing 
and demonstrate: (1) That there is no recognized laboratory available 
within a reasonable window of availability and geographic proximity 
(generally within the continental United States) and (2) that the VSTL 
has conducted a thorough assessment of the third party laboratory's 
capabilities, quality system, management system, and/or alternative 
accreditations and have determined and documented that the laboratory 
is qualified to perform testing. The EAC may visit, interview or audit 
any non-accredited laboratory at any time before, during, or after the 
testing has occurred to verify their qualifications.
---------------------------------------------------------------------------

    \4\ For the purposes of the EAC's Voting System Test Laboratory 
Program, non-core cryptographic testing includes all testing 
involving evaluation of cryptographic operation and key management.
---------------------------------------------------------------------------

    2.10.4.3. VSTL Responsibilities. Lead VSTLs are responsible for all 
tests performed on voting systems submitted to them by Manufacturers 
under EAC's Testing and Certification Program. This includes testing 
(both core and non-core) performed by third party laboratories under 
their direction (including third party VSTL laboratories). Any 
procedural or substantive irregularities or errors which occur during 
the third party testing process will be imputed to the responsible lead 
VSTL. Such failures may serve as a basis for the revocation of 
accreditation. Lead VSTLs using third party laboratories (consistent 
with Sections 2.10.4.1 through 2.10.4.2, above) shall take steps to 
ensure that the third party laboratories they employ meet the standards 
of this Program. At a minimum, the lead VSTLs shall ensure:
    2.10.4.3.1. The third party laboratory provides the lead VSTL 
verifiable documentation regarding its relevant accreditation;
    2.10.4.3.2. Any hardware tested by the qualified third party 
laboratory is first validated by the lead VSTL as the same hardware 
presented to it for certification;
    2.10.4.3.3. The third party laboratory provides the lead VSTL with 
evidence that it will direct its activities in compliance with any and 
all relevant VVSG requirements for testing and that the testing was, in 
fact, performed consistent with such specific requirements. Any special 
procedures, tools, or testing software necessary to meet VVSG 
requirements must be validated by the lead VSTL prior to use. For 
example, the VVSG requires that systems be tested while operating and 
that such operation be in a manner and under conditions that simulate 
election use. In such cases, the lead VSTL must ensure that the third 
party laboratory will properly implement the VVSG requirements, 
validate its election simulation tools, and properly performed the 
testing;
    2.10.4.3.4. The lead VSTL performs all system accuracy, 
reliability, functionality and integration testing; and
    2.10.4.3.5. The third party laboratory issues a report to the lead 
VSTL that fully documents its testing such that the lead VSTL may 
demonstrate compliance with this section and produce a report 
consistent with Section 2.10.5 of this Manual.
    2.10.5. Test Report Package. The Test Report Package represents the 
culmination of the testing process. As such, it is vital that it 
accurately and completely document the testing performed and the 
results of such testing. VSTLs shall submit Test Report Packages 
directly to the EAC. The packages shall include:
    2.10.5.1. Requirements Matrix. VSTLs shall complete the 
requirements matrix originally submitted with its test plan (see 
Section 2.10.1 above). The Requirements Matrix and instructions for its 
completion may be found on the EACs Web site at www.eac.gov. The final 
submission of the Requirements Matrix will serve as verification that 
the VSTL performed the testing required to demonstrate compliance with 
voting system standards.
    2.10.5.2. Test Report. VSTLs shall provide a test report.
    2.10.5.2.1. Content. All test reports shall document the testing 
process, including the documentation and justification of any 
divergence from the EAC approved test plan, methods, or cases and the 
identification of all failures and/or anomalies along with any remedial 
action taken \5\ (see Chapter 4 of the EAC's Voting System Testing and 
Certification Manual regarding the anomaly matrix). Test reports shall 
also document any prescribed maintenance or modifications, performed by 
the Manufacturer, to a voting system in testing. Such maintenance or 
modifications shall be monitored by the

[[Page 50150]]

VSTL consistent with Section 2.11.1 of this Manual.
---------------------------------------------------------------------------

    \5\ VSTLs must report all errors and anomalies identified in the 
test campaign even when an error is identified during the testing of 
unrelated functionality.
---------------------------------------------------------------------------

    2.10.5.2.2. Format. To the greatest extent possible, VSTLs shall 
write reports such that they are understandable to non-technical 
persons. As the EAC will publish these reports (bar portions prohibited 
by law), VSTLs shall refrain from including in them trade secrets or 
other commercial information protected from release unless 
substantively required. Where information protected from release may be 
included, it shall be identified consistent with Chapter 7 of this 
Manual. VSTLs shall format each test report consistent with the 
requirements of Appendix B of this Manual.
    2.10.5.3. VSTL Attestation. The VSTL shall provide a letter, signed 
by a representative authorized to take action on behalf of the VSTL 
(see Sections 2.13 and 3.4.1.6. of this Manual), which attests that (1) 
all testing prescribed by the test plan or amended test plan was 
performed as identified or the divergence from the test plan was 
properly documented, (2) all identified voting system anomalies or 
failures were reported and resolved, (3) that the test report is 
accurate and complete, and (4) the VSTL recommends the system for 
certification.
    2.10.6. Acceptance of Prior Testing. Generally, a valid test 
previously performed on a voting system by a VSTL, or by a third party 
test laboratory operating at the direction of a VSTL, may be reused at 
the discretion of the lead VSTL. The EAC encourages VSTLs to use such 
testing to fulfill current certification requirements. The EAC will 
accept prior testing only when the below requirements are met. Lead 
VSTLs are responsible for ensuring that the prior testing has met these 
requirements. Prior testing is valid when:
    2.10.6.1. The discrete software or hardware component previously 
tested is demonstrably identical to that presently offered for testing. 
Lead VSTLs must examine the components to ensure no change has taken 
place consistent with all documentation. When valid prior testing is 
used, the system presented must be subject to regression testing, 
functional testing and system integration testing;
    2.10.6.2. The voting system standards and relevant EAC 
interpretations applicable to the prior and current testing are 
identical;
    2.10.6.3. The test methods used are equivalent or identical to 
current test methods approved by the EAC;
    2.10.6.4. The prior testing has been reviewed by the VSTL and no 
errors or omissions are apparent. Any errors or omissions identified 
shall be reported to the EAC; and
    2.10.6.5. The adoption and use of prior testing is noted in the 
test plan and test report. Like all testing, prior testing is subject 
to EAC review and approval.
    2.10.7. Termination of Testing Prior to Completion. In the event 
testing is terminated prior to completion, VSTLs are required to notify 
the EAC Program Director. This notification shall be in writing and 
state the reasons for termination, provide a list of all testing 
completed, and produce a matrix of test anomalies or failures pursuant 
to Section 4.5.2 of the EAC Testing and Certification Program Manual.
    2.10.7.1. Termination Defined. Voting system testing shall be 
considered terminated when the testing process is permanently ended or 
otherwise halted without a specific plan to recommence within 180 days 
of the last test performed.
    2.10.7.2. Effect of Termination. Notification of termination will 
result in the suspension of the Manufacturer's Certification 
Application. Additionally, the termination and VSTL's written notice 
shall be posted on EAC's Web site.
    2.10.7.3. Resubmission after Termination. Manufacturers may 
resubmit a system previously terminated by submitting an updated 
application consistent with Chapter 4 of the Voting System Testing and 
Certification Program Manual. Pursuant to Section 2.11 of this Manual 
and Section 4.3.1.2 of the Voting System Testing and Certification 
Program Manual, a system resubmitted to the EAC after termination must 
be tested by the VSTL identified on the original application.
    2.11. Laboratory Independence. As a condition of accreditation, all 
laboratories shall maintain their independence from voting system 
Manufacturers, consistent with their roles and responsibilities as a 
key component of the EAC Certification program. VSTLs shall maintain an 
arm's length relationship with the manufacturers and avoid even the 
appearance of improper conduct. In order to maintain independence, 
VSTLs shall adhere to the following independence principles and 
requirements:
    2.11.1. Testing Independence. Consistent with the requirements of 
this Manual, only the lead VSTL identified on a voting system's 
application form may test or oversee the testing of that system. Under 
no circumstances may a Manufacturer perform or participate in any 
testing which will serve as the basis of an EAC certification. 
Participation includes but is not limited to the observation of testing 
by the Manufacturer.\6\ Additionally, lead VSTL's shall ensure that 
Manufactures' do not have access to a system under test unless 
accompanied and monitored by a VSTL representative.
---------------------------------------------------------------------------

    \6\ Not all activities required for EAC Certification are 
``testing'' activities. Examples of certification requirements that 
do not fall into the category of ``testing'' include trusted and 
witness builds.
---------------------------------------------------------------------------

    2.11.2. Decision Making. Determinations regarding testing, test 
requirements, and test results shall be made on the basis and for the 
purpose of ensuring that the systems tested meet Federal voting system 
standards. A VSTL's primary purpose shall be to serve the public 
interest through adherence to the EAC Testing and Certification 
Program.
    2.11.3. Single Laboratory Requirement. EAC's Testing and 
Certification Program prohibits Manufacturers from changing 
laboratories during the testing process. Once a lead VSTL is identified 
to the EAC by the Manufacturer to test a system, a test report will not 
be accepted by the EAC from any other laboratory unless authorized 
pursuant to Chapter 4 of the EAC's Voting System Testing and 
Certification Program Manual. This strict policy supports VSTLs in 
their independent decision making role. VSTLs shall immediately report 
to the EAC Certification Program Director any time a Manufacturer 
withdraws a product from testing or the testing is otherwise terminated 
(see Section 2.10.7. of this Manual).
    2.11.4. Fee for Service. All fees paid by a Manufacturer to a VSTL 
shall be solely for services rendered. No payment may be accepted by a 
VSTL that is not directly linked to services necessary to complete 
system testing. No payment may be accepted by a VSTL that is 
conditioned or dependent on testing outcome.
    2.11.5. Written Communications. To ensure and document the 
independent relationship between test laboratories and Manufacturers, 
all substantive discussions regarding the outcome, cost, payment and 
testing of a voting system shall be conducted or otherwise documented 
in writing by the VSTL. These records shall be maintained consistent 
with Section 2.15 of this Manual. Examples of substantive discussions 
between the lead VSTL and a Manufacturer include but are not li
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.